This is the accessible text file for GAO report number GAO-07-310
entitled 'High-Risk Series: An Update' which was released on January
31, 2007.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States Government Accountability Office:
GAO:
January 2007:
High-Risk Series: An Update:
GAO-07-310:
GAO Highlights:
Highlights of GAO-07-310, a report to Congress on GAO’s High-Risk
Series
Why GAO Did This Study:
GAO’s audits and evaluations identify federal programs and operations
that, in some cases, are high risk due to their greater vulnerabilities
to fraud, waste, abuse, and mismanagement. In recent years, GAO also
has identified high-risk areas to focus on the need for broad-based
transformations to address major economy, efficiency, or effectiveness
challenges. Since 1990, GAO has periodically reported on government
operations it has designated as high risk. In this 2007 update for the
110th Congress, GAO presents the status of high-risk areas identified
in 2005 and new high-risk areas warranting attention by Congress and
the executive branch. Lasting solutions to high-risk problems offer the
potential to save billions of dollars, dramatically improve service to
the public, strengthen confidence and trust in the performance and
accountability of the U.S. government, and ensure the ability of
government to deliver on its promises.
What GAO Found:
In its January 2005 update, GAO identified 25 high-risk areas and, in
March 2006, added a 26th area. Since 2005, progress has been made in
all areas, although the extent varies by area. Both the executive
branch and Congress have shown a continuing commitment to addressing
high-risk challenges and taken steps to help correct several of their
root causes. High-risk areas were also among the suggested areas for
oversight for the 110th Congress that GAO recently provided to
congressional leadership. Sufficient progress has been made to remove
the high-risk designation from two areas: U.S. Postal Service
transformation efforts and long-term outlook and HUD single-family
mortgage insurance and rental housing assistance programs. Other areas
made significant progress, but not enough to be removed from the list
this cycle. Continued attention from the executive branch and Congress
is needed to make additional progress in other high-risk areas.
This year, GAO is designating three new high-risk areas. The first new
area—critical to the nation’s economic development—involves
transportation financing and capacity. Revenues to support federal
transportation trust funds are eroding at a time when investment is
needed to expand capacity to address congestion caused by increasing
passenger and freight travel. Given these problems, Congress and, for
some issues, the Department of Transportation should reassess the
federal role, revenue increase mechanisms, and funding allocations to
better position the federal government to address financing and
capacity challenges.
The second area involves effective protection of technologies critical
to U.S. national security. Technologies that underpin U.S. economic and
military strength continue to be targets for theft, espionage, reverse
engineering, and illegal export. Government programs established
decades ago to protect critical technologies are ill-equipped to weigh
competing U.S. interests as the security environment and technological
innovation continue to evolve in the 21st century. Accordingly, we are
designating the effective identification and protection of critical
technologies as a governmentwide high-risk area that warrants a
strategic re-examination of existing programs to identify needed
changes and ensure the advancement of U.S. interests.
The third area being designated as high risk involves federal oversight
of food safety because of risks to the economy and to public health and
safety. Agriculture, as the largest industry and employer in the United
States, generates more than $1 trillion in economic activity annually.
Any food contamination could undermine consumer confidence in the
government’s ability to ensure the safety of the U.S. food supply, as
well as cause severe economic consequences. The current fragmented
federal system has caused inconsistent oversight, ineffective
coordination, and inefficient use of resources. GAO has recommended
that Congress consider a fundamental re-examination of the system and
other improvements to help ensure the rapid detection of and response
to any accidental or deliberate contamination of food before public
health and safety is compromised.
What GAO Recommends:
This report contains GAO’s views on what remains to be done to bring
about lasting solutions for each high-risk area. Perseverance by the
executive branch in implementing GAO’s recommended solutions and
continued oversight and action by Congress are both essential to
achieving and sustaining progress.
[Hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-310.
To view the full product, click on the link above. For more
information, contact George H. Stalcup at (202) 512-9490 or
stalcupg@gao.gov.
[End of Section]
GAO's 2007 High-Risk List:
2007 High-Risk Areas:
Addressing Challenges in Broad-Based Transformations:
* Strategic Human Capital Management[A];
* Managing Federal Real Property[A];
* Protecting the Federal Government's Information systems and the
Nation's Critical Infrastructures;
* Implementing and Transforming the Department of Homeland Security;
* Establishing Appropriate and Effective Information-Sharing Mechanisms
to Improve Homeland Security;
* DOD Approach to Business Transformation[A];
- DOD Business Systems Modernization;
- DOD Personnel Security Clearance Program;
- DOD Support Infrastucture Management;
- DOD Financial Management;
- DOD Supply Chain Management;
- DOD Weapons Systems Acquisition;
* FAA Air Traffic Control Modernization;
* Financing the Nation's Transportation System[A] (New);
* Ensuring the effective Protection of Technologies Critical to U.S.
National Security Interests[A] (New);
* Transforming Federal Oversight of Food Safety[A] (New).
Managing Federal Contracting More Effectively;
* DOD Contract Management;
* DOE Contract Management;
* NASA Contract Management;
* Management of Interagency Contracting.
Assessing the Efficiency and Effectiveness of tax law Administration;
* Enforcement of tax laws[A];
* IRS Business Systems Modernization.
Modernizing and safeguarding Insurance and Benefit Programs;
* Modernizing Federal Disability Programs[A];
* Pension Benefit Guaranty Corporation Single-Employer Pension
Insurance Program;
* Medicare Program[A];
* Medicaid Program[A];
* National Flood Insurance Program[A].
Source: GAO.
[A] Legislation is likely to be necessary, as a supplement to actions
by the executive branch, in order to effectively address this high-risk
area.
[End of table]
Contents:
Letter:
Historical Perspective:
High-Risk Designations Removed:
U.S. Postal Service's Transformation Efforts and Long-Term Outlook:
HUD's Single-Family Mortgage Insurance and Rental Housing Assistance
Programs:
New High-Risk Areas:
Financing the Nation's Transportation System:
Ensuring the Effective Protection of Technologies Critical to U.S.
National Security Interests:
Transforming Federal Oversight of Food Safety:
Progress Being Made in Other High-Risk Areas:
Highlights for Each High-Risk Area:
Tables:
Table 1: Changes to GAO's High-Risk List, 1990 to 2007:
Table 2: Areas Removed from GAO's High-Risk List, 1990-2007:
Table 3: Year That Areas on GAO's 2007 High-Risk List Were Designated
as High Risk:
Table 4: U.S. Government Programs for the Identification and Protection
of Critical Technologies:
Figure:
Figure 1: Current Highway Trust Fund Year-End Balance Forecasts:
United States Government Accountability Office:
Washington, DC 20548:
Comptroller General of the United States:
January 2007:
The President of the Senate:
The Speaker of the House of Representatives:
Since 1990, GAO has periodically reported on government programs and
operations that it identifies as "high risk." This effort, which is
supported by the Senate Committee on Homeland Security and Governmental
Affairs and the House Committee on Oversight and Government Reform, has
brought a much needed focus to a targeted list of major challenges that
are impeding effective government and costing the government billions
of dollars each year. To help improve these high-risk operations, GAO
has made hundreds of recommendations. Moreover, GAO's focus on high-
risk problems contributed to Congress enacting a series of
governmentwide reforms to address critical human capital challenges,
strengthen financial management, improve information technology
practices, and instill a more effective, credible, and results-oriented
government.
GAO's high-risk status reports are provided at the start of each new
Congress to help in setting congressional oversight agendas. These
reports also help Congress and the executive branch carry out their
responsibilities while improving the government's performance and
enhancing its accountability for the benefit of the American people. In
this regard, I recently provided congressional leadership with a set of
recommendations based on GAO's work, including work on areas we have
designated as high risk, for its consideration in developing the
oversight agenda of the 110th Congress. Together, the high-risk update
and the recommendations for oversight can help congressional decision
makers focus on the key management challenges facing the nation.
The nation also continues to face broader policy challenges associated
with the current long-term fiscal imbalance and other key
sustainability challenges, as well as the need to ensure the federal
government is transparent, economical, efficient, effective, ethical,
and equitable. Addressing these challenges will require Congress to
make tough choices that fundamentally re-examine and transform the
government to be more effective in the 21st century. The infrastructure
to support these decisions is not fully in place, and focused attention
by the legislative and executive branches is needed to make progress.
In this regard, in the coming months, I plan to highlight the set of
tools needed to support more strategic decision making related to these
broader challenges facing our nation. These tools will center on
expanding the governmentwide focus on results; improving transparency
through better financial and performance management reporting; building
structures and processes that facilitate more strategic, systemic, and
integrated solutions; and transforming federal organizations,
functions, and operations.
This report summarizes progress made in correcting high-risk problems,
actions under way, and further actions that GAO believes are needed. In
addition, GAO has determined that sufficient progress has been made to
remove the high-risk designation from two areas: the U.S. Postal
Service's transformation efforts and long-term outlook, and the
Department of Housing and Urban Development's single-family mortgage
insurance and rental housing assistance programs. GAO has also
designated three new areas as high risk: financing the nation's
transportation system, ensuring the effective protection of
technologies critical to U.S. national security interests, and
transforming federal oversight of food safety. Furthermore, the
Department of Defense (DOD) continues to dominate the high-risk list.
Specifically, DOD has eight of its own high-risk areas and shares
responsibility for seven governmentwide high-risk areas.
In recent years, GAO's high-risk program has increasingly focused on
those major programs and operations that need urgent attention and
transformation in order to ensure that our national government
functions in the most economical, efficient, and effective manner
possible. Further, the administration has looked to GAO's program in
shaping governmentwide initiatives such as the President's Management
Agenda; and more recently, the administration undertook an effort to
encourage agencies to develop corrective action plans for high-risk
areas. As in prior GAO high-risk update reports, federal programs and
operations are also emphasized when they are at high risk because of
their greater vulnerabilities to fraud, waste, abuse, and
mismanagement. In addition, some of these high-risk agencies, programs,
or policies are in need of transformation, and several items will
require action by both the executive branch and Congress. Our objective
for the high-risk list is to bring visibility and urgency to these
areas in order to prompt needed actions sooner rather than later.
Copies of this update are being sent to the President, the
congressional leadership, other Members of Congress, the Director of
the Office of Management and Budget, and the heads of major departments
and agencies.
Signed by:
David M. Walker:
Comptroller General of the United States:
Historical Perspective:
In 1990, GAO began a program to report on government operations that we
identified as "high risk." Since then, generally coinciding with the
start of each new Congress, we have periodically reported on the status
of progress to address high-risk areas and updated our high-risk list.
Our most recent high-risk update was in January 2005.[Footnote 1]
Overall, our high-risk program has served to identify and help resolve
serious weaknesses in areas that involve substantial resources and
provide critical services to the public. Since our program began, the
government has taken high-risk problems seriously and has made long-
needed progress toward correcting them. In some cases, progress has
been sufficient for us to remove the high-risk designation. A summary
of changes to our high-risk list over the past 17 years are shown in
table 1. Areas removed from the high-risk list over that same period
are shown in table 2. The areas on GAO's 2007 high-risk list, and the
year each was designated as high risk, are shown in table 3.
Table 1: Changes to GAO's High-Risk List, 1990 to 2007:
Original high-risk list in 1990;
Number of areas: 14.
High-risk areas added since 1990;
Number of areas: 33.
High-risk areas removed since 1990;
Number of areas: 18.
High-risk areas consolidated since 1990;
Number of areas: 2.
High-risk list in 2007;
Number of areas: 27.
Source: GAO.
[End of table]
Table 2: Areas Removed from GAO's High-Risk List, 1990-2007:
Area: Federal Transit Administration Grant Management;
Year removed: 1995;
Year designated high risk: 1990.
Area: Pension Benefit Guaranty Corporation;
Year removed: 1995;
Year designated high risk: 1990.
Area: Resolution Trust Corporation;
Year removed: 1995;
Year designated high risk: 1990.
Area: State Department Management of Overseas Real Property;
Year removed: 1995;
Year designated high risk: 1990.
Area: Bank Insurance Fund;
Year removed: 1995;
Year designated high risk: 1991.
Area: Customs Service Financial Management;
Year removed: 1999;
Year designated high risk: 1991.
Area: Farm Loan Programs;
Year removed: 2001;
Year designated high risk: 1990.
Area: Superfund Program;
Year removed: 2001;
Year designated high risk: 1990.
Area: National Weather Service Modernization;
Year removed: 2001;
Year designated high risk: 1995.
Area: The 2000 Census;
Year removed: 2001;
Year designated high risk: 1997.
Area: The Year 2000 Computing Challenge;
Year removed: 2001;
Year designated high risk: 1997.
Area: Asset Forfeiture Programs;
Year removed: 2003;
Year designated high risk: 1990.
Area: Supplemental Security Income;
Year removed: 2003;
Year designated high risk: 1997.
Area: Student Financial Aid Programs;
Year removed: 2005;
Year designated high risk: 1990.
Area: Federal Aviation Administration Financial Management;
Year removed: 2005;
Year designated high risk: 1999.
Area: Forest Service Financial Management;
Year removed: 2005;
Year designated high risk: 1999.
Area: HUD Single-Family Mortgage Insurance and Rental Housing
Assistance Programs;
Year removed: 2007;
Year designated high risk: 1994.
Area: U.S. Postal Service Transformation Efforts and Long-Term Outlook;
Year removed: 2007;
Year designated high risk: 2001.
Source: GAO.
[End of table]
Table 3: Year That Areas on GAO's 2007 High-Risk List Were Designated
as High Risk:
Area: Medicare Program;
Year designated high risk: 1990.
Area: DOD Supply Chain Management;
Year designated high risk: 1990.
Area: DOD Weapon Systems Acquisition;
Year designated high risk: 1990.
Area: DOE Contract Management;
Year designated high risk: 1990.
Area: NASA Contract Management;
Year designated high risk: 1990.
Area: Enforcement of Tax Laws;
Year designated high risk: 1990.
Area: DOD Contract Management;
Year designated high risk: 1992.
Area: DOD Financial Management;
Year designated high risk: 1995.
Area: DOD Business Systems Modernization;
Year designated high risk: 1995.
Area: IRS Business Systems Modernization;
Year designated high risk: 1995.
Area: FAA Air Traffic Control Modernization;
Year designated high risk: 1995.
Area: Protecting the Federal Government's Information Systems and the
Nation's Critical Infrastructures;
Year designated high risk: 1997.
Area: DOD Support Infrastructure Management;
Year designated high risk: 1997.
Area: Strategic Human Capital Management;
Year designated high risk: 2001.
Area: Medicaid Program;
Year designated high risk: 2003.
Area: Managing Federal Real Property;
Year designated high risk: 2003.
Area: Modernizing Federal Disability Programs;
Year designated high risk: 2003.
Area: Implementing and Transforming the Department of Homeland
Security;
Year designated high risk: 2003.
Area: Pension Benefit Guaranty Corporation Single-Employer Pension
Insurance Program;
Year designated high risk: 2003.
Area: Establishing Appropriate and Effective Information-Sharing
Mechanisms to Improve Homeland Security;
Year designated high risk: 2005.
Area: DOD Approach to Business Transformation;
Year designated high risk: 2005.
Area: DOD Personnel Security Clearance Program;
Year designated high risk: 2005.
Area: Management of Interagency Contracting;
Year designated high risk: 2005.
Area: National Flood Insurance Program;
Year designated high risk: 2006.
Area: Financing the Nation's Transportation System;
Year designated high risk: 2007.
Area: Ensuring the Effective Protection of Technologies Critical to
U.S. National Security Interests;
Year designated high risk: 2007.
Area: Transforming Federal Oversight of Food Safety;
Year designated high risk: 2007.
Source: GAO.
[End of table]
Over the years, 18 areas have been removed from the high-risk list.
Eight of these were among the 14 programs and operations we determined
to be high risk at the outset of our efforts to monitor such programs.
These results demonstrate that the sustained attention and commitment
by Congress and agencies to resolve serious, long-standing high-risk
problems have paid off, as root causes of the government's exposure for
more than half of our original high-risk list have been successfully
addressed.
Historically, high-risk areas have been so designated because of
traditional vulnerabilities related to their greater susceptibility to
fraud, waste, abuse, and mismanagement. As our high-risk program has
evolved, we have increasingly used the high-risk designation to draw
attention to areas associated with broad-based transformations needed
to achieve greater economy, efficiency, effectiveness, accountability,
and sustainability of selected key government programs and operations.
Perseverance by the executive branch is needed in implementing our
recommended solutions for addressing these high-risk areas. Continued
congressional oversight and, in some cases, additional legislative
action will also be key to achieving progress, particularly in
addressing challenges in broad-based transformations.
To determine which federal government programs and functions should be
designated high risk, we use our guidance document, Determining
Performance and Accountability Challenges and High Risks.[Footnote 2]
In determining whether a government program or operation is high risk,
we consider whether it involves national significance or a management
function that is key to performance and accountability. We also
consider whether the risk is:
* an inherent problem, such as may arise when the nature of a program
creates susceptibility to fraud, waste, and abuse, or:
* a systemic problem, such as may arise when the programmatic;
management support; or financial systems, policies, and procedures
established by an agency to carry out a program are ineffective,
creating a material weakness.
Further, we consider qualitative factors, such as whether the risk:
* involves public health or safety, service delivery, national
security, national defense, economic growth, or privacy or citizens'
rights, or:
* could result in significantly impaired service; program failure;
injury or loss of life; or significantly reduced economy, efficiency,
or effectiveness.
In addition, we also consider the exposure to loss in monetary or other
quantitative terms. At a minimum, $1 billion must be at risk in areas
such as the value of major assets being impaired; revenue sources not
being realized; major agency assets being lost, stolen, damaged,
wasted, or underutilized; improper payments; and contingencies or
potential liabilities.
Before making a high-risk designation, we also consider corrective
measures planned or under way to resolve a material control weakness
and the status and effectiveness of these actions.
When legislative and agency actions, including those in response to our
recommendations, result in significant and sustainable progress toward
resolving a high-risk problem, we remove the high-risk designation. Key
determinants here include a demonstrated strong commitment to and top
leadership support for addressing problems, the capacity to do so, a
corrective action plan, and demonstrated progress in implementing
corrective measures.
The next section discusses how we applied our criteria in determining
what high-risk designations to remove and what to add for our 2007
update.
[End of section]
High-Risk Designations Removed:
For our 2007 high-risk update, we determined that sufficient progress
has been made to warrant removing two areas from the high-risk list:
the U.S. Postal Service's transformation efforts and long-term outlook
and the Department of Housing and Urban Development's (HUD) single-
family mortgage insurance and rental housing assistance programs. As we
have with areas previously removed from the high-risk list, we will
continue to monitor these programs, as appropriate, to ensure that the
improvements we have noted are sustained.
U.S. Postal Service Transformation Efforts and Long-Term Outlook:
In 2001, we designated the Postal Service's (Service) transformation
efforts and long-term outlook as high risk because the Service's
financial outlook had deteriorated significantly. The Service had a
projected deficit of $2 billion to $3 billion, severe cash flow
pressures, its debt was approaching the statutory borrowing limit; cost
growth was outpacing revenue increases; and productivity gains were
limited. Other challenges the Service faced included liabilities that
exceeded assets by $3 billion at the end of fiscal year 2002; major
liabilities and obligations estimated at close to $100 billion; a
restructuring of the workforce due to impending retirements and
operational changes; and long-standing labor-management relations
problems. We were also concerned that the Service had no comprehensive
plan to address its financial, operational, or human capital
challenges, including how it planned to reduce its debt, and it did not
have adequate financial reporting and transparency that would allow the
public to understand changes in its financial situation. Thus, we
recommended that the Service develop a comprehensive plan, in
conjunction with other stakeholders, that would identify the actions
needed to address its challenges and provide publicly available
quarterly financial reports with sufficient information to understand
the Service's current and projected financial condition. As the
Service's financial difficulties continued in 2002, we concluded that
the need for a comprehensive transformation of the Service was more
urgent than ever. The Service's basic business model, which assumed
that rising mail volume would cover rising costs and mitigate rate
increases, was outmoded as mail volumes stagnated or deteriorated in an
increasingly competitive environment. We called for Congress to act on
comprehensive postal reform legislation.
In our January 2003 high-risk report, we noted that the Service had
made progress by issuing a Transformation Plan in April 2002 and was
beginning to implement the plan. However, no consensus had been reached
on the Service's future, and we continued to have concerns about its
financial outlook. Subsequently, the Service gained some financial
breathing room primarily because legislation enacted in April 2003
reduced the Service's payments for its pension obligations, which
allowed the Service to achieve record net income, repay debt, and delay
rate increases until January 2006. In addition, a presidential
commission issued a report in July 2003 with a proposed future vision
for the Service and recommendations to ensure the viability of postal
services, and Congress considered proposed postal reform legislation.
Since 2003, the Service has continued to make progress in addressing
its financial and human capital challenges, it improved its financial
reporting by instituting quarterly financial reports, and it updated
its Transformation Plan in September 2005. At the end of fiscal year
2005, the Service had paid off its debt. In addition, as of the end of
fiscal year 2006, it had achieved 7 consecutive years of productivity
gains, positive net income for fiscal years 2003 through 2006, more
than $5 billion in cost savings since 2001, and it reduced its
complement by 95,000 since 2001. Also, in December 2006, the Service
reached tentative compensation contract agreements, subject to
ratification by union members, with three of its four major unions.
Very importantly, significant progress was also made when Congress
enacted comprehensive postal reform legislation in December 2006, which
provides a framework for modernizing the Service's rate-setting
processes and addresses the Service's long-term financial obligations
by returning responsibility for employees' military pension benefits to
the U.S. Treasury and establishing a mechanism for prefunding retiree
health benefits.
The Postal Service's management has demonstrated a commitment to
implementing the Transformation Plan and addressing many of the
financial and human capital challenges it faces. Also, the new postal
reform legislation gives the Service additional pricing flexibility and
allows it to retain earnings, which provide additional mechanisms to
address continuing challenges related to the Service's increasingly
competitive environment, given new and emerging technologies. These
continuing challenges include (1) generating sufficient revenues as
First-Class Mail volume declines and the changing mail mix provides
less revenue contribution than First-Class Mail, (2) controlling costs
as compensation and benefit costs rise, (3) continuing work-hour
reductions while maintaining service, (4) optimizing its infrastructure
and workforce to reduce costs and improve operational efficiency, and
(5) providing reliable data to assess performance.
Some of the Service's challenges relate to governmentwide challenges
that remain on our high-risk list, such as strategic human capital
management and managing federal real property. In the human capital
area, the Service continues to faces challenges related to managing
workforce changes due to retirements and network consolidations and
implementing performance-based compensation systems. In the real
property area, significant challenges remain related to how the Service
is planning and implementing infrastructure realignment to reduce
excess capacity as well as reflect changes in operations. Further
challenges persist related to the Service's identification and disposal
of excess property. We plan to closely monitor these challenges to
ensure that they are addressed. We will also monitor the implementation
of the postal reform legislation to determine how the results and
impacts compare with legislative intentions.
HUD Single-Family Mortgage Insurance and Rental Housing Assistance
Programs:
In 1994, we designated the U.S. Department of Housing and Urban
Development (HUD) as high risk because of fundamental management and
organizational problems that put billions of dollars in insured
mortgages and housing and community development assistance at risk. In
2001, we narrowed the high-risk designation to HUD's single-family
mortgage insurance and rental housing assistance programs because
progress was made overall, but significant and persistent problems in
these two program areas remained. Consistent with this designation,
four of the five material weaknesses cited in the audit report on HUD's
fiscal year 2001 financial statements related to these programs. Under
these programs, HUD manages more than $400 billion in insured mortgages
and annually spends about $30 billion to subsidize rents for lower-
income households. To accomplish this, HUD relies on thousands of
intermediaries, including lenders, appraisers, property management
contractors, public housing agencies, and multifamily property owners.
Historically, weaknesses in HUD's oversight of these entities have made
the programs vulnerable to fraud, waste, and abuse. For example, in
prior high-risk updates we noted that deficiencies in HUD's approval,
monitoring, and enforcement efforts for lenders and appraisers
increased the risk of insurance losses. In the rental assistance
program area, we reported that problems with HUD's monitoring of public
housing agencies and multifamily property owners contributed to
billions of dollars in improper rent subsidy payments (i.e., payments
that were too high or too low).
In our January 2005 high-risk update, we reported that HUD had
demonstrated commitment to and progress in addressing weaknesses in the
two high-risk program areas but that some of HUD's corrective actions
were in the early stages of implementation and additional steps were
needed to resolve ongoing problems. For example, in the single-family
mortgage insurance area, we reported that HUD had improved its
oversight of lenders and appraisers and issued or proposed regulations
to strengthen lender accountability and combat predatory lending
practices. However, we also noted that HUD continued to grant loan
underwriting authority to lenders that had not met the agency's
performance standards, and that weaknesses in HUD's process for paying
single-family property management contractors made the agency
vulnerable to questionable and potentially fraudulent payments. In the
rental housing assistance program area, we reported that HUD made
progress in reducing improper rental assistance payments. However, we
also noted that HUD had not fully implemented a critical part of its
efforts to reduce improper rental assistance payments--the verification
of tenant incomes using a Web-based data system--and it was uncertain
whether the agency would be able to sustain the reductions it had
already achieved. HUD had also made progress in ensuring that HUD-
assisted housing met the agency's physical condition standards.
Since 2005, HUD has continued to demonstrate a commitment to and
capacity for resolving risks, develop corrective action plans,
institute programs to monitor and evaluate the effectiveness of
corrective measures, and demonstrate progress in implementing
corrective measures. For example, HUD has continued to take actions to
address long-standing problems in its single-family mortgage insurance
programs, and has addressed more recently identified problems. More
specifically:
* In accordance with our recommendations, HUD has made progress in
implementing its corrective action plan for improving oversight of
lenders. Specifically, HUD has developed and implemented new and
clearer guidance for granting lenders underwriting authority. HUD has
hired a contractor to review the implementation of the new guidance and
plans to conduct additional monitoring through periodic internal
reviews. Additionally, in 2005, HUD modified its system for rating the
underwriting quality of loans in a way intended to focus more on
underwriting errors that are likely to affect HUD's insurance
risk.[Footnote 3]
* HUD made substantial progress in implementing its corrective action
plan to address weaknesses we identified in its process for paying
single-family property management contractors.[Footnote 4] For example,
in response to our recommendations, HUD has developed a financial
control manual that contains internal control procedures and policies,
including strict documentation requirements, for HUD field staff to use
in reviewing and approving payments. To ensure the effectiveness of
these corrective measures, HUD retained an independent public
accountant to periodically review the performance of the property
managers and test HUD field offices for compliance with the internal
control policies and procedures.
* In September 2005, we reported that HUD consistently underestimated
the subsidy costs for its single-family mortgage insurance
program.[Footnote 5] To more reliably estimate program costs, we
recommended that HUD study and report in the annual actuarial review of
its insurance fund the impact of variables not in the agency's loan
performance models that have been found in other studies to influence
credit risk. Consistent with our recommendation, a HUD contractor
incorporated variables for down-payment assistance and borrower credit
history into the actuarial review. According to HUD, the contractor
will continue to improve the forecasting ability of the models as
necessary using research and development funds provided for in the
contract. The audit report on HUD's fiscal year 2006 financial
statements eliminated the agency's only two outstanding material
weaknesses because of the improvements HUD made to its process for
estimating subsidy costs.
* In an April 2006 report, we cited factors limiting the effectiveness
of HUD's mortgage scorecard (an automated tool that evaluates the
default risk of borrowers).[Footnote 6] In response to our
recommendations, HUD developed a policy and procedures manual that
calls for annual (1) monitoring of the scorecard's ability to predict
loan default, (2) testing of additional predictive variables to include
in the scorecard, and (3) updating the scorecard with recent loan
performance data.
HUD has also taken actions to address the remaining problems in its
rental housing assistance programs. For example:
* HUD continued to reduce the amount of improper rent subsidies and
exceeded goals set in The President's Management Agenda, Fiscal Year
2002. HUD's goal for fiscal year 2005 was to reduce improper rent
subsidies by 50 percent, compared with fiscal year 2000, when HUD paid
an estimated $2.2 billion in improper subsidies. HUD exceeded this goal
by reducing estimated improper subsidies to $925 million in fiscal year
2005, a decline of 58 percent. Although the amount of improper
subsidies is still sizable, because of this progress the audit report
on HUD's fiscal year 2005 financial statements eliminated a long-
standing material weakness related to oversight and monitoring of
subsidy calculations. In accordance with the Improper Payments
Information Act of 2002, HUD plans to continue monitoring the
effectiveness of its corrective actions by making annual estimates of
improper payments.
* In 2006, HUD executed an important part of its plan for reducing
improper rental assistance payments by implementing a Web-based system
that provides public housing agencies with an efficient method for
validating the incomes of families receiving assistance. This system,
which HUD also plans to implement for multifamily property owners,
utilizes a database containing wage, unemployment, and new hire
information compiled by the Department of Health and Human Services.
HUD expects that the system will avoid an estimated $6 billion in
improper rent subsidies over 10 years.
* In response to our recommendations, HUD made on-site reviews of
public housing agencies' compliance with policies for determining rent
subsidies a permanent part of its oversight activities.[Footnote 7]
Beginning in fiscal year 2006, HUD committed resources to review 275
public housing agencies annually. HUD also developed and implemented a
system designed to collect complete and consistent information from
these reviews to help focus corrective actions where needed.
* HUD has continued to monitor the physical condition of HUD-assisted
housing, and its assessments indicate a substantial level of compliance
with the agency's physical standards. HUD physical inspections showed
that in fiscal years 2005 and 2006, about 94 percent of HUD-assisted
properties had satisfactory inspection scores.
In addition, HUD has made progress on human capital, acquisition
management, and information technology issues that in previous years we
cited as major management challenges contributing to HUD's high-risk
designation. For example, consistent with our recommendations, in 2005
HUD finalized guidance for implementing a comprehensive strategic
workforce plan that identifies the knowledge, skills, and abilities HUD
needs and the actions that it plans to take to build its workforce for
the future.[Footnote 8] HUD also developed a new succession management
plan to help ensure that the large number of staff expected to retire
over the next several years are replaced with qualified employees. In
the acquisition management area, HUD responded to our recommendations
by developing guidance emphasizing the use of contract administration
plans and a risk-based approach for overseeing the work of
contractors.[Footnote 9] Finally, HUD has made progress in its
information technology by reducing the number of noncompliant financial
management systems from 17 in 2003 to 2 in 2006.
We are removing the high-risk designation from HUD's single-family
mortgage insurance and rental housing assistance programs because of
the agency's progress in addressing problems in these areas. However,
it will be important for HUD to continue to place a high priority on
efficient and effective management of these programs. Proposed program
changes could introduce new risks and oversight challenges. More
specifically, HUD has proposed changes to its single-family mortgage
insurance program that would increase the size of the mortgages the
agency could insure, give the agency flexibility to set insurance
premiums based on the credit risk of borrowers, and reduce down-payment
requirements from the current 3 percent to potentially zero. However,
to implement this legislative proposal, HUD would have to manage new
risks and accurately estimate the costs of program changes. The
administration has also made legislative proposals to replace HUD's
largest rental housing assistance program (the Housing Choice Voucher
program) with a broader-purpose grant program. While such proposals
could help control rental subsidy costs and increase administrative
flexibility for public housing agencies, they also could complicate
HUD's oversight efforts by eliminating the uniformity of the current
program.
[End of section]
New High-Risk Areas:
GAO's use of the high-risk designation to draw attention to the
challenges associated with the economy, efficiency, and effectiveness
of government programs and operations in need of broad-based
transformation has led to important progress. We will also continue to
identify high-risk areas based on the more traditional focus on fraud,
waste, abuse, and mismanagement. Our focus will continue to be on
identifying the root causes behind vulnerabilities, as well as actions
needed on the part of the agencies involved and, if appropriate,
Congress.
For 2007, we have designated the following three new areas as high
risk: financing the nation's transportation system, ensuring the
effective protection of technologies critical to U.S. national security
interests, and transforming federal oversight of food safety.
Financing the Nation's Transportation System:
The nation's economic vitality and its citizens' quality of life depend
significantly on the efficiency of its transportation infrastructure.
This efficiency is threatened by increasing congestion. For example,
travel on roads is expected to increase by about 25 percent from 2000
to 2010, freight traffic is expected to increase by 43 percent from
1998 to 2010, and air traffic is expected to triple by 2025. As
congestion increases, the federal government faces the challenge of
providing funds to help maintain and expand the nation's transportation
system and ensuring that these funds are used efficiently. However,
revenues from traditional funding mechanisms may not keep pace with
demand. Furthermore, the nation's long-term fiscal challenges limit the
ability of decision makers to look to other revenue sources that are
currently funding security and other vital needs, raising questions
about the ability of federal programs to provide the robust growth that
many transportation advocates believe is required to meet the nation's
mobility needs. Compounding these funding constraints is the absence of
a link between federal grant funding levels and specific performance-
related goals and outcomes, resulting in little assurance that federal
funding is being channeled to the nation's most critical mobility
needs. In addition, federal funding is often tied to a single
transportation mode, which may limit the use of federal funds to
finance the greatest improvements in mobility.
Revenues to support the Highway Trust Fund--the major source of federal
highway and transit funding--are eroding. Receipts for the Highway
Trust Fund, which are derived from motor fuel and truck-related taxes
(on truck and trailer sales, truck tires, and heavy-vehicle use) are
continuing to grow. However, the federal motor fuel tax rate of 18.4
cents per gallon has not been increased since 1993, and thus the
purchasing power of fuel tax revenues has eroded with inflation.
Furthermore, that erosion will continue with the introduction of more
fuel-efficient vehicles and alternative-fueled vehicles in the coming
years, raising the question of whether fuel taxes are a sustainable
source for financing transportation. In addition, funding authorized in
the recently enacted highway and transit program legislation is
expected to outstrip the growth in trust fund receipts. As a result,
the Department of the Treasury and the Congressional Budget Office are
forecasting that the trust fund balance will steadily decline and reach
a negative balance by the end of fiscal year 2011. (See fig. 1.) On a
positive note, the 2005 reauthorization of the trust fund and its
related programs established a commission--chaired by the Secretary of
Transportation and which will report later this year--to recommend
approaches for placing the trust fund on a sustainable path.
Figure 1: Current Highway Trust Fund Year-End Balance Forecasts:
[See PDF for image]
Source: GAO analysis of data provided in the President's budget and by
CBO.
[End of figure]
In the face of these constraints, state and local governments are
pursuing alternative mechanisms that have the potential to meet
mobility and financing needs and help decision makers carry out and
grow their surface transportation programs. For example, many states
are pursuing tolling projects that have the promise to raise revenues,
improve capital investment decisions by better targeting spending for
new capacity, and enhance private-sector investment in public
infrastructure. Tolls that vary according to the level of congestion
(called congestion or value pricing) can maintain a predetermined level
of service, create incentives for drivers to avoid driving alone in
congested conditions, and encourage drivers to use public
transportation or travel at less congested times. One state, Oregon, is
studying the technical feasibility of replacing its motor fuel tax with
a per-mile user fee.
Intercity passenger rail service is also at a critical juncture. The
existing intercity passenger rail system is in poor financial
condition, and the federal funds provided for it are not targeted to
the greatest public benefits, such as transportation congestion relief.
The current service provider (Amtrak) continues to rely heavily on
federal subsidies--over $1 billion annually in recent years--and will
require billions more to address deferred maintenance and achieve a
"state of good repair."[Footnote 10] This current crisis is not
unusual; Amtrak has struggled to become financially solvent since its
inception. We have recommended that Congress consider restructuring the
nation's intercity passenger rail system, which would entail
establishing clear goals for the system, defining the roles of key
stakeholders (including the federal government), and developing funding
mechanisms that include cost sharing between the federal government and
other beneficiaries.
The freight railroad industry is projected to grow substantially with
expected increases in freight traffic, but the industry's ability to
fund this projected growth is largely uncertain. For private companies
seeking to maximize returns for shareholders, railroad investment poses
a substantial risk. But railroad investment is critical to freight
mobility and economic growth, and investments in rail projects can
produce public benefits, such as reducing highway congestion,
strengthening intermodal connections and the efficiency of the publicly
owned transportation system, and enhancing public safety and the
environment. As a result, the federal and state governments have
increasingly invested public funds in freight rail projects, such as
the $100 million that Congress provided in 2005 for rail infrastructure
improvements in the Chicago area. In the years ahead, Congress is
likely to receive further requests for funding and face additional
decisions about potential federal policy responses and the federal role
in the nation's freight railroad infrastructure. In the highly
constrained federal funding environment, such policy responses need to
recognize that the freight transportation system functions in a
competitive marketplace, calling for a mode-neutral approach.
Currently, as we have reported, the trucking and barge industries have
a competitive price advantage over railroads because trucks and barges
use infrastructure that is owned and maintained by the government,
whereas rail companies use infrastructure that they pay to own and
maintain.[Footnote 11] In addition, decision makers will be challenged
to make investment decisions that reflect public priorities and are
designed to achieve demonstrable, wide-ranging public benefits that
warrant the commitment of scarce federal funds.
Federal aviation programs are also facing growing infrastructure
demands and constrained resources. To meet the anticipated increases in
commercial aviation travel, the Federal Aviation Administration (FAA)
and aviation stakeholders are developing the "next-generation air
transportation system" (NGATS) to modernize the nation's air traffic
control (ATC) infrastructure and increase capacity. This effort is
complex and costly: Under one scenario that includes a limited,
preliminary cost estimate for NGATS, FAA's budget would, on average,
exceed FAA's fiscal year 2006 appropriation level by about $1 billion a
year (in today's dollars) through 2025. FAA and some stakeholders have
raised doubts about the ability of the current funding system--the
Aviation Trust Fund--to generate revenues to meet these budgetary needs
equitably and efficiently over time. Specifically, FAA and some
stakeholders are concerned that as FAA's workload (and, therefore,
costs) rises, there will be no corresponding increase in its revenues
because of the greater use of smaller aircraft and a decline in
inflation-adjusted airfares. Trends in these data provide support for
these concerns. While FAA has a history of cost control problems
associated with ATC modernization, it has made a number of important
management improvements. However, questions remain about FAA's ability
to manage the transition to NGATS cost-effectively. However, failing to
meet these infrastructure challenges in aviation may have significant
consequences, since aviation is an integral part of the economy. FAA is
expected to release its proposal to reform the current funding system
within the next few months.
Given the common challenges spanning the nation's transportation
infrastructure, Congress and, for some issues, the Department of
Transportation should reassess the following issues for all
transportation modes to better position the federal government to
address these challenges:
1. the appropriate federal role and strategy in funding, selecting, and
evaluating transportation investments;
2. mechanisms to seek alternative sources of revenues and, where
appropriate, to increase revenues for infrastructure improvements,
including user fees and alternatives to stimulate private investment,
while considering their impact on the federal budget; and:
3. funding allocation and monitoring methods to ensure the equity,
efficiency, accountability, and performance of transportation
investments.
Ensuring the Effective Protection of Technologies Critical to U.S.
National Security Interests:
U.S. military strategy is premised on technological superiority on the
battlefield. The Department of Defense spends billions of dollars each
year for the development and production of high technology weaponry to
maintain superiority. These weapons and militarily useful technologies
are sold overseas by U.S. companies for economic reasons and by the
U.S. government for foreign policy, security, and economic reasons.
Yet, the technologies that underpin U.S. military and economic strength
continue to be targets for theft, espionage, reverse engineering, and
illegal export. At the same time, the programs the U.S. government has
in place to protect critical technologies by weighing competing and
sometimes conflicting national security, foreign policy, and economic
interests have long been criticized by industry and allies for their
inability to adapt to a changing world environment and their lack of
efficiency.
The U.S. government has a myriad of laws, regulations, policies, and
processes intended to identify and protect critical technologies so
they can be transferred to foreign parties in a manner consistent with
U.S. interests. The government's technology protection programs include
those that regulate U.S. defense-related exports and investigate
proposed foreign acquisitions of U.S. national security-related
companies. (See table 4.) Responsibility for administering or
overseeing the different programs is divided among multiple federal
agencies and several congressional committees. However, in the decades
since these programs were put in place, significant forces have
heightened the U.S. government's challenge of weighing security
concerns with the desire to reap economic benefits. Most notably, in
the aftermath of the September 2001 terrorist attacks, the threats
facing the nation have been redefined. In addition, the economy has
become increasingly globalized as countries open their markets and the
pace of technological innovation has quickened worldwide. Government
programs established decades ago to protect critical technologies are
ill-equipped to weigh competing U.S. interests as these forces continue
to evolve in the 21st century. Accordingly, we are designating the
effective identification and protection of critical technologies as a
governmentwide high-risk area, which warrants a strategic re-
examination of existing programs to identify needed changes and ensure
the advancement of U.S. interests.
Table 4: U.S. Government Programs for the Identification and Protection
of Critical Technologies:
Program: Militarily Critical Technologies Program;
Agencies: Defense;
Program's purpose: Identify and assess technologies that are critical
for retaining U.S. military dominance;
Legal authority: Export Administration Act of 1979.
Program: Dual-Use Export Control System;
Agencies: Commerce (lead), State, Central Intelligence Agency, Defense,
Energy, Homeland Security, and Justice;
Program's purpose: Regulate export of dual-use items by U.S. companies
after weighing economic, national security, and foreign policy
interests;
Legal authority: Export Administration Act of 1979.
Program: Arms Export Control System;
Agencies: State (lead), Defense, Homeland Security, and Justice;
Program's purpose: Regulate export of arms by U.S. companies, giving
primacy to national security and foreign policy concerns;
Legal authority: Arms Export Control Act of 1976.
Program: Foreign Military Sales Program;
Agencies: State and Defense (leads), Homeland Security;
Program's purpose: Provide foreign governments with U.S. defense
articles and services to help promote interoperability while lowering
the unit costs of weapon systems;
Legal authority: Arms Export Control Act of 1976.
Program: National Disclosure Policy Process;
Agencies: State, Defense, and intelligence community;
Program's purpose: Determine the releasibility of classified military
information, including classified weapons and military technologies, to
foreign governments;
Legal authority: National Security Decision Memorandum 119 of 1971.
Program: Committee on Foreign Investment in the United States (CFIUS);
Agencies: Treasury (lead), Commerce, Defense, Homeland Security,
Justice, State, and six offices from the Executive Office of the
President;
Program's purpose: Investigate the impact of foreign acquisitions on
national security and to suspend or prohibit acquisitions that might
threaten national security;
Legal authority: Exon-Florio Amendment of 1988 to the Defense
Production Act of 1950.
Program: National Industrial Security Program;
Agencies: Defense (lead), applicable to other departments and agencies;
Program's purpose: Ensure that contractors (including those under
foreign influence, control, or ownership) appropriately safeguard
classified information in their possession;
Legal authority: Executive Order No. 12829 of 1993.
Program: Anti-Tamper Policy;
Agencies: Defense;
Program's purpose: Establish anti-tamper techniques on weapons systems
when warranted as a method to protect critical technologies on these
systems;
Legal authority: Defense Policy Memorandum, 1999.
Sources: GAO (analysis); cited legal authorities (data).
[End of table]
Over the years, we have identified weaknesses in the effectiveness and
efficiency of government programs designed to protect critical
technologies while advancing U.S. interests. While each program has its
own set of challenges, we found that these weaknesses are largely
attributable to poor coordination within complex interagency processes,
inefficiencies in program operations, and a lack of systematic
evaluations for assessing program effectiveness and identifying
corrective actions. The impacts of these weaknesses are not always
visible or immediate but, as we have reported, increase the risk of
military gains by entities with interests contrary to those of the
United States and of financial harm to U.S. companies. Others,
including the Office of the National Counterintelligence Executive,
congressional committees, and inspectors general, have also reported on
vulnerabilities in these programs and the resulting harm--both actual
and potential--to U.S. security and economic interests.
Several of the programs designed to protect critical technologies are
inherently complex. Multiple departments and agencies representing
various interests, which at times can be competing and even divergent,
participate in decisions about the control and protection of critical
U.S. technologies. However, as exemplified below, poor coordination and
fundamental disagreements among the departments have had unintended
consequences for both national security and economic interests.
* Commerce and State have yet to clearly determine which department
controls the export of certain missile technology items, which
increases the risk that these items will fall into the wrong hands or
creates an unlevel playing field for U.S. companies.[Footnote 12] Since
Commerce and State have different restrictions on these items, it is
important that they define who controls the items. Otherwise, the
exporter--not the government--is left to determine which restrictions
apply and the type of governmental review.
* The departments participating in the Committee on Foreign Investment
in the United States (CFIUS) lack a coordinated approach for defining
what constitutes a threat to national security and what warrants an
investigation to ensure that the risk of foreign ownership is
mitigated.[Footnote 13] This lack of agreement among the members, which
limits CFIUS's analyses of proposed and completed foreign acquisitions,
has been intensified by continued economic globalization and by
increasingly diffuse threats. Some CFIUS members have argued that
taking a more traditional and narrow view of what constitutes a
national security threat can limit the protection of critical
infrastructure or the preservation of technological superiority in the
defense arena. Recently, member agencies indicated a need for changes
to the process and some are currently under way.
* Within Defense, the military services and programs have different
interpretations of what constitutes military critical technologies,
which can result in different conclusions about what technologies need
protection through the application of anti-tamper techniques.[Footnote
14] Defense does not coordinate or oversee how the services and
programs identify critical technologies needing anti-tamper protection.
This creates the vulnerability of having the same technology protected
on one weapon system but not on another, thereby exposing both systems
to exploitation and compromise.
While government officials responsible for administering the programs
designed to protect critical technologies may appropriately take time
to make decisions as they consider the multiple interests involved,
inefficiencies in the various programs have created unnecessary delays
in sharing critical technologies with allies.
* Although State has implemented a series of initiatives primarily
designed to expedite the processing of arms export licenses, we found
that these initiatives have generally not been successful.[Footnote 15]
Most notably, the department designated the processing of license
applications in support of Operations Iraqi Freedom and Enduring
Freedom its top priority and established an expedited process for
reviewing those applications. However, only 19 percent of the
applications submitted through the expedited process for these
operations were processed within the goals set by the
department.[Footnote 16] These included applications for protective
body armor for U.S. and coalition forces and aircraft defensive
systems.
The departments charged with protecting critical technologies have not
systematically evaluated their respective programs to determine whether
they are fulfilling their missions in a changing environment and
whether corrective actions are needed.
* Given its lack of systematic evaluations, Commerce cannot readily
identify weaknesses in the dual-use export control system or implement
needed corrective measures that allow U.S. companies to compete in the
global marketplace while minimizing the risk to other U.S.
interests.[Footnote 17] As we and the Office of Management and Budget
have reported, Commerce has not established performance measures that
provide a basis for assessing the effectiveness of the dual-use export
control system. Instead, Commerce relies on narrow measures related to
the efficiencies of its processes and anecdotal indications to gauge
how well the system is functioning.
* After the September 2001 terrorist attacks, State did not make
fundamental or significant changes to the arms export control system,
its objectives, or implementing regulations.[Footnote 18] State
officials maintained that such changes are not needed because they
regard the system as effective in keeping U.S. defense items out of
enemy hands while ensuring that allies can obtain needed arms. However,
State's conclusions regarding the system appear without basis because
State has not provided evidence that it systematically assessed the
effectiveness of its controls or major initiatives that were intended
to facilitate sales to allies. Further, our reports have documented
weaknesses and challenges over the years that point to vulnerabilities
in the arms export control system and its ability to protect U.S.
interests.
* Defense cannot provide assurances that its oversight of foreign owned
or influenced contractors is sufficient to reduce the risk of foreign
interests gaining unauthorized access to U.S. classified
information.[Footnote 19] Specifically, Defense does not systematically
collect information to know if contractors are reporting certain
business transactions, which would enable Defense to know when a
contractor has come under foreign influence and determine what
protective measures may be needed to reduce the risk of information
compromise. For example, one foreign-owned contractor appeared to have
had access to U.S. classified information for at least 6 months before
a protective measure was implemented. Moreover, Defense neither
centrally collects information to determine the magnitude of
contractors under foreign influence nor assesses the effectiveness of
its oversight so it can identify weaknesses in its protective measures
and make necessary adjustments.
We have recommended numerous corrective actions to address these
weaknesses and inefficiencies, but the departments involved have not
implemented many of the recommendations that address the most
fundamental problems affecting the protection of critical technologies
and the advancement of U.S. interests. Legislation has been introduced
to modify or reform aspects of the programs for protecting critical
technologies. For example, legislation was introduced in the 109th
Congress to reauthorize the Export Administration Act.[Footnote 20]
Also, the House of Representatives passed legislation in 2005 to create
an interagency strategic export control board charged with conducting a
comprehensive evaluation of U.S. export controls and developing
recommendations for consolidating export control functions. In
addition, the House and Senate passed two different bills in the last
Congress, and new legislation has recently been introduced in the House
to reform CFIUS and its approach to evaluating proposed foreign
acquisitions. However, to date, legislation has not been enacted to
overhaul these programs and executive action has not resulted in
fundamental changes to these programs.
Implementation of our outstanding recommendations should be an interim
step in improving the effectiveness and efficiency of existing
government programs intended to identify and protect critical
technologies. However, further actions are needed. The executive and
legislative branches need to re-examine the current government programs
to determine whether and how they can collectively achieve their
mission and evaluate alternative approaches. The results of these
efforts should provide the basis for establishing a comprehensive
framework with clear responsibilities and accountability for
identifying and protecting critical technologies as global forces
continue to reshape U.S. national security and economic interests.
Transforming Federal Oversight of Food Safety:
This nation enjoys a plentiful and varied food supply that is generally
considered to be safe. However, the patchwork nature of the federal
oversight of food safety calls into question whether the government can
plan more strategically to inspect food production processes, identify
and react more quickly to any outbreaks of contaminated food, and focus
on achieving results to promote the safety and integrity of the
nation's food supply. This challenge is even more urgent since the
terrorist attacks of September 11, 2001, heightened awareness of
agriculture's vulnerabilities to terrorism, such as the deliberate
contamination of food or the introduction of disease to livestock,
poultry, and crops. Over several years, we have reported on issues that
suggest that food safety could be designated as a high-risk area
because of the need for transforming the federal oversight framework to
reduce risks to public health as well as the economy.
Either an accidental or deliberate contamination of food or the
introduction of disease to livestock, poultry, and crops could
undermine consumer confidence in the government's ability to ensure the
safety of the U.S. food supply, as well as cause severe economic
consequences. Each year, about 76 million people contract a food-borne
illness in the United States; about 325,000 require hospitalization;
and about 5,000 die, according to the Centers for Disease Control and
Prevention. In addition, agriculture, as the largest industry and
employer in the United States, generates more than $1 trillion in
economic activity annually, or about 13 percent of the gross domestic
product. The value of U.S. agricultural exports exceeded $68 billion in
fiscal year 2006. An introduction of a highly infectious foreign animal
disease, such as avian influenza or foot-and-mouth disease, would cause
severe economic disruption, including substantial losses from halted
exports. Similarly, food contamination, such as the recent E. coli
outbreaks, can have a detrimental impact on local economies. For
example, industry representatives estimate losses from the recent
California spinach E. coli outbreak to range from $37 million to $74
million.
A challenge for the 21st century is how several federal agencies can
integrate the myriad food safety programs and strategically manage
their portfolios to promote the safety and integrity of the nation's
food supply.[Footnote 21] In numerous previous reports, we have
described the fragmented federal food safety system in which 15
agencies collectively administer at least 30 laws related to food
safety. The two primary agencies are the U.S. Department of Agriculture
(USDA), which is responsible for the safety of meat, poultry, and
processed egg products and the Food and Drug Administration (FDA),
which is responsible for virtually all other foods. Among other
agencies with responsibilities related to food safety, the National
Marine Fisheries Service in the Department of Commerce conducts
voluntary, fee-for-service inspections of seafood safety and quality;
the Environmental Protection Agency (EPA) regulates the use of
pesticides and maximum allowable residue levels on food commodities and
animal feed; and the Department of Homeland Security (DHS) is
responsible for coordinating agencies' food security activities.
The food safety system is further complicated by the subtle differences
in food products that dictate which agency regulates a product as well
as the frequency with which inspections occur. For example, how a
packaged ham-and-cheese sandwich is regulated depends on how the
sandwich is presented. USDA inspects manufacturers of packaged open-
face meat or poultry sandwiches (e.g., those with one slice of bread),
but FDA inspects manufacturers of packaged closed-face meat or poultry
sandwiches (e.g., those with two slices of bread). Although there are
no differences in the risks posed by these products, USDA inspects
wholesale manufacturers of open-face sandwiches sold in interstate
commerce daily, while FDA inspects closed-face sandwiches an average of
once every 5 years.
This federal regulatory system for food safety evolved piecemeal,
typically in response to particular health threats or economic crises.
During the past 30 years, we have detailed problems with the fragmented
federal food safety system and reported that the system has caused
inconsistent oversight, ineffective coordination, and inefficient use
of resources. Our most recent work demonstrates that these challenges
persist. Specifically:
* Existing statutes give agencies different regulatory and enforcement
authorities. For example, food products under FDA's jurisdiction may be
marketed without the agency's prior approval. On the other hand, food
products under USDA's jurisdiction must generally be inspected and
approved as meeting federal standards before being sold to the public.
Under current law, USDA inspectors maintain continuous inspection at
slaughter facilities and examine each slaughtered meat and poultry
carcass. They also visit each processing facility at least once during
each operating day. For foods under FDA's jurisdiction, however,
federal law does not mandate the frequency of inspections.[Footnote 22]
* We reported that federal agencies are spending resources on
overlapping food safety activities.[Footnote 23] USDA and FDA both
inspect shipments of imported food at 18 U.S. ports-of-entry. However,
these two agencies do not share inspection resources at these ports.
For example, USDA officials told us that all USDA-import inspectors are
assigned to and located at USDA-approved import inspection facilities
and some of these facilities handle and store FDA-regulated products.
USDA has no jurisdiction over these FDA-regulated products. Although
USDA maintains a daily presence at these facilities, the FDA-regulated
products may remain at the facilities for some time awaiting FDA
inspection. In fiscal year 2003, USDA spent almost $16 million on
imported food inspections, and FDA spent more than $115 million.
* Food recalls are voluntary and federal agencies responsible for food
safety have no authority to compel companies to carry out recalls--with
the exception of FDA's authority to require a recall for infant
formula. USDA and FDA provide guidance to companies for carrying out
voluntary recalls. We reported that USDA and FDA can do a better job in
carrying out their food recall programs so they can quickly remove
potentially unsafe food from the marketplace.[Footnote 24] These
agencies do not know how promptly and completely companies are carrying
out recalls, do not promptly verify that recalls have reached all
segments of the distribution chain, and use procedures to alert
consumers to a recall that may not be effective.
* The terrorist attacks of September 11, 2001, have heightened concerns
about agriculture's vulnerability to terrorism. The Homeland Security
Act of 2002 assigned DHS the lead coordination responsibility for
protecting the nation against terrorist attacks, including
agroterrorism. Subsequent presidential directives further define
agencies' specific roles in protecting agriculture and the food system
against terrorist attacks. We reported that in carrying out these new
responsibilities, agencies have taken steps to better manage the risks
of agroterrorism, including developing national plans and adopting
standard protocols.[Footnote 25] However, we also found several
management problems that can reduce the effectiveness of the agencies'
routine efforts to protect against agroterrorism. For example, there
are weaknesses in the flow of critical information among key
stakeholders and shortcomings in DHS's coordination of federal working
groups and research efforts.
* In response to the nation's pressing fiscal challenges, agencies may
have to explore new approaches to achieve their missions. FDA is
responsible for ensuring the safety of seafood. More than 80 percent of
the seafood that Americans consume is imported. We reported in 2001
that FDA's seafood inspection program did not sufficiently protect
consumers.[Footnote 26] For example, FDA tested about 1 percent of
imported seafood products. We subsequently found that FDA's program has
shown some improvement. More foreign firms are inspected, and
inspections show that more U.S. seafood importers are complying with
its requirements.[Footnote 27] Given FDA officials' concerns about
limited inspection resources, we also identified options, such as using
personnel in the National Oceanic and Atmospheric Administration's
Seafood Inspection Program to augment FDA's inspection capacity or
state regulatory laboratories for analyzing imported seafood. FDA
agreed with these options.
* We reported that in fiscal year 2003, four agencies--USDA, FDA, EPA,
and the National Marine Fisheries Service--spent $1.7 billion on food
safety-related activities.[Footnote 28] USDA and FDA together were
responsible for nearly 90 percent of federal expenditures for food
safety. However, these expenditures were not based on the volume of
foods regulated by the agencies or consumed by the public. The majority
of federal expenditures for food safety inspection were directed toward
USDA's programs for ensuring the safety of meat, poultry, and egg
products; however, USDA is responsible for regulating about 20 percent
of the food supply. In contrast, FDA, which is responsible for
regulating about 80 percent of the food supply, accounted for only
about 24 percent of expenditures.
Others have called for fundamental changes to the federal food safety
system overall. In 1998, the National Academy of Sciences concluded
that the system is not well equipped to meet emerging
challenges.[Footnote 29] In response to the academy's report, the
President established a Council on Food Safety which released a Food
Safety Strategic Plan in January 2001. The plan recognized the need for
a comprehensive food safety statute and concluded "the current
organizational structure makes it more difficult to achieve future
improvements in efficiency, efficacy, and allocation of resources based
on risk."
While many of the recommendations we made have been acted upon, a
fundamental re-examination of the federal food safety system is
warranted. Taken as a whole, our work indicates that Congress and the
executive branch can and should create the environment needed to look
across the activities of individual programs within specific agencies
and toward the goals that the federal government is trying to achieve.
To that end, we have recommended, among other things, that Congress
enact comprehensive, uniform, and risk-based food safety legislation
and commission the National Academy of Sciences or a blue ribbon panel
to conduct a detailed analysis of alternative organizational food
safety structures.[Footnote 30] We have also recommended that the
executive branch reconvene the President's Council on Food Safety to
facilitate interagency coordination on food safety regulation and
programs.
These actions can begin to address the fragmentation in the federal
oversight of food safety. Going forward, to build a sustained focus on
the safety and the integrity of the nation's food supply, Congress and
the executive branch can integrate various expectations for food safety
with congressional oversight and through agencies' strategic planning
processes. The development of a governmentwide performance plan that is
mission-based, has a results-orientation, and provides a cross-agency
perspective offers a framework to help ensure agencies' goals are
complementary and mutually reinforcing. Further, with pressing fiscal
challenges, this plan can assist decision makers in balancing trade-
offs and comparing performance when resource allocation and
restructuring decisions are made.
[End of section]
Progress Being Made in Other High-Risk Areas:
For other areas that remain on our 2007 high-risk list, there has been
important but varying levels of progress, although not yet enough
progress to remove these areas from the list. Top administration
officials have expressed their commitment to ensuring that high-risk
areas receive adequate attention and oversight. The Office of
Management and Budget (OMB) has led an initiative to prompt agencies to
develop detailed action plans for each area on our high-risk list.
These plans are to identify specific goals and milestones that address
and reduce the risks identified by us within each high-risk area.
Further, OMB has encouraged agencies to consult with us regarding the
problems our past work has identified, and the many recommendations for
corrective actions we have made. While progress on developing and
implementing plans has been mixed, such a concerted effort by agencies
and ongoing attention by OMB are critical; our experience over the past
17 years has shown that perseverance is required to fully resolve high-
risk areas. Congress, too, will continue to play an important role
through its oversight and, where appropriate, through legislative
action targeting both specific problems and the high-risk areas
overall.
Examples of progress in other programs or operations that were
previously designated as high risk are discussed below and in the
highlights pages that follow this section.
* The Department of Health and Human Services and its Centers for
Medicare & Medicaid Services (CMS) have made some progress to improve
the fiscal integrity and oversight of the Medicaid program, which was
designated high risk in 2003. For example, CMS has taken steps to
improve its oversight of certain Medicaid financial management
activities, including efforts to oversee states' financing methods. It
also issued a comprehensive 5-year plan in July 2006 that outlined
initial activities planned for implementing the Medicaid Integrity
Program required by the Deficit Reduction Act of 2005. However, several
oversight weaknesses previously identified by us have not yet been
addressed. For example, CMS has not incorporated the use of key
Medicaid data systems into its oversight of states' Medicaid claims, or
clarified and communicated its policies in several high-risk areas,
such as supplemental payment arrangements and administrative costs. The
results of CMS's actions will need to be assessed to determine their
effectiveness in improving the program's fiscal integrity, and more
action is needed before the program's high-risk designation can be
removed.
* Regarding the Medicare program, the Centers for Medicare & Medicaid
Services (CMS) has made some progress in the last 2 years in reforming
and refining payment methods, enhancing program integrity, improving
program management, and overseeing patient safety and care. For
example, CMS is improving how it sets or updates rates for hospital
services, durable medical equipment, and certain drugs and devices
supplied in medical facilities. Medicare's most recent estimate of its
national rate of improper payments was 4.4 percent--the lowest since
measurement began in 1996. Nevertheless, Medicare's size, complexity,
and vulnerability to mismanagement and improper payments suggest that
its high-risk designation cannot be removed. For example, GAO found
weaknesses in CMS's information security controls that could make
sensitive, personally identifiable medical information vulnerable to
unauthorized access. Similarly, call centers sponsored by the agency or
private drug plans fell short in providing accurate and complete
information to callers inquiring about the new prescription drug
benefit.
* The administration and real property-holding agencies have made
progress toward strategically managing federal real property. In
response to both an executive order aimed at improving real property
management and the President's Management Agenda initiative on real
property, agencies have, among other things, established asset
management plans, standardized data reporting, and adopted performance
measures. Also, the administration has created a Federal Real Property
Council and plans to work with Congress to provide agencies with tools
to better manage real property. These actions have addressed our prior
concern that a strategic governmentwide focus on solving the problems
was lacking, but the underlying conditions that led to the high-risk
designation continue to exist.
* Since the 2005 high-risk update, the Department of Homeland Security
(DHS) has made progress in addressing major transformation, management,
and program challenges, which prior GAO work has identified as key to
successfully transforming 22 agencies into one department and
effectively carrying out its homeland security and other missions. DHS
has produced a strategic plan that contains most elements required by
the Government Performance and Results Act and the under secretary of
management is working to integrate some management functions. However,
DHS has not linked its goals to resource requirements in its strategic
plan and has not involved all stakeholders in its strategic planning
process. Moreover, DHS lacks not only a comprehensive strategy with
overall goals and a timeline but also a dedicated management
integration team to support its management integration efforts. DHS and
its components are developing corrective action plans to address
material weaknesses identified by the financial statement auditor, but
recent audits found its financial systems do not conform to federal
requirements, and financial statements contain numerous material
weaknesses. DHS is working to develop a departmentwide framework for
managing information but has not implemented an effective process for
informed decision making by senior leadership about competing
technology investment options or a comprehensive information security
program to protect its information and systems. DHS has taken some
actions to integrate the legacy agency workforces that make up its
components and has made progress in establishing human capital
capabilities for the US-VISIT program, but DHS has not linked its new
human capital system to its strategic plan. DHS has made progress in
enhancing communication among its acquisition organizations through its
strategic sourcing and small business programs, but some components
remain exempted from the unified acquisition organization, and the
chief procurement officer has insufficient staff for departmentwide
oversight. In addition, DHS has continued to form necessary
partnerships and has undertaken a number of efforts with private
entities, but key partnering challenges continue as DHS seeks to
leverage resources and more effectively carry out its homeland security
responsibilities. In their program activities, DHS and the
Transportation Security Administration (TSA) have taken numerous
actions to strengthen commercial aviation security, and the Coast Guard
has moved to control costs by offering incentives to contractors that
attempt to foster competition for subcontracts. However, TSA faces the
difficult task of assessing and allocating resources across all
transportation modes based on risk, while adapting to changing threats
within the commercial aviation industry. DHS agencies have made
progress in activities to refine the screening of foreign visitors to
the United States, target potentially dangerous cargo, and provide the
personnel necessary to effectively fulfill border security and trade
agency missions. However, trade and visitor screening systems have
weaknesses that must be overcome to better ensure border and trade
security. DHS has also enhanced the efficiency of certain immigration
services, reducing the size of the backlog of immigration-benefit
applications. However, DHS has not adopted a comprehensive risk
management approach when it comes to the detection and investigation of
immigration fraud. Finally, DHS has made revisions to the National
Response Plan to clarify federal roles and responsibilities. In
response to concerns raised by us and others, Congress clarified the
roles and responsibilities of the Federal Emergency Management Agency
(FEMA) in the DHS fiscal year 2007 appropriations act and designated
the FEMA Administrator as the "Principal Advisor" to the President on
emergency management. However, DHS has yet to develop necessary
disaster capabilities and to create accountability systems that
effectively balance the need for fast and flexible response against the
need to prevent waste, fraud, and abuse.
* During the past 2 years, the Internal Revenue Service (IRS) has made
progress in its enforcement efforts. Notably, enforcement revenue rose
from $43.1 billion in fiscal year 2004 to $48.7 billion in fiscal year
2006. Based on preliminary data, IRS increased the overall percentage
of tax returns examined between fiscal year 2004 and fiscal year 2006
by about 30 percent. IRS completed research in 2005 on individual
taxpayers' compliance and is currently using the results to better
target operational audits. IRS also set a long-term goal to increase
the compliance rate. Despite these promising developments, challenges
remain. IRS's most recent estimate of the gross tax gap (the difference
between the taxes that should have been paid voluntarily and on time
and what was actually paid) was $345 billion for tax year 2001.
Although IRS estimates that it would eventually collect $55 billion of
this amount, a net tax gap of $290 billion would remain. Given the
magnitude of the tax gap, even a relatively small percentage reduction
in the gap would yield billions of dollars in additional revenue for
the government. IRS needs periodic, if not annual, measurements of
compliance to gauge the extent to which compliance is changing and to
effectively target its service and enforcement efforts. Further, IRS
lacks a data-based plan to improve compliance and reach its long-term
goal. Real progress in reducing the tax gap will require efforts beyond
enforcement. IRS will need to develop and execute multiple strategies
over a sustained period including working with Treasury to develop new
and innovative solutions to improve compliance. Statutory changes will
be needed as well to meaningfully reduce the gap and we have presented
options, such as additional withholding for selected parties and
additional information reporting on the cost basis for securities
sales, for Congress to consider.
* We first added the Pension Benefit Guaranty Corporation's (PBGC)
single-employer pension insurance program as a high-risk area in July
2003 because the program's financial health was threatened by
structural weaknesses in pension funding rules, the program's premium
structure, and the potential for large bankruptcies among sponsors with
underfunded plans in weak industries. Since then, Congress passed major
pension reform legislation that was signed into law. The reforms
include revisions to the defined benefit pension funding rules, changes
to the PBGC program's insurance premium structure, and other changes
aimed at limiting the risk that underfunded plans might pose to PBGC.
While some of these reforms represent progress, their ultimate impact
on the single-employer program's deficit is unclear. Many of these
reforms will be phased in gradually, postponing their potentially
positive effect on plan funding, while other changes could have the
effect of increasing PBGC's financial exposure.
* The Federal Aviation Administration (FAA) has made significant
progress in addressing air traffic control modernization program
weaknesses since it was designated as high risk in 1995. For example,
FAA has established a framework for improving its system management
capabilities and addressed weakness on selected air traffic control
systems; implemented key components of a cost accounting system and
established a cost estimating methodology; and made progress in
establishing an organizational culture that supports sound
acquisitions. FAA has also developed an action plan with the Office of
Management and Budget to continue to address these issues.
Additionally, FAA has reported that it has exceeded its targets for
delivering selected system acquisitions on cost and schedule for the
past 3 years. However, FAA-improved system management capabilities have
yet to be institutionalized, the cost estimating methodology has not
yet been fully implemented, and major systems will be coming on line in
the next few years. Moreover, FAA still faces many human capital
challenges, including obtaining the technical and contract management
expertise needed to define, implement, and integrate numerous complex
programs and systems. With FAA expecting to spend about $9.4 billion
between now and the end of fiscal year 2011 to upgrade and replace air
traffic control systems, these actions are as critical as ever.
* Since 2005, DOD has taken some positive steps toward addressing
challenges related to the supply chain management high-risk area. For
example, in collaboration with OMB, DOD developed a plan to address
some of the systemic weaknesses in supply chain management. The plan
encompasses 10 initiatives, such as war reserve materiel improvements
and the expanded use of radio frequency identification, aimed at the
three focus areas we have identified from our prior work: requirements
forecasting, asset visibility, and materiel distribution. This plan
provides a framework for addressing systemic weaknesses and focusing
long-term efforts to improve supply support to the warfighter. DOD has
made some progress implementing these initiatives, and DOD leadership
has demonstrated a commitment to resolving supply chain management
problems. However, successful resolution of these long-standing
problems will take several years of continued efforts, and the
department faces challenges and risks in successful implementation of
proposed changes. For example, DOD's plan generally lacks outcome-
focused performance metrics for many of its initiatives, making it
difficult to track and demonstrate progress in improving the three
focus areas. Further, DOD's ability to make coordinated, systemic
improvements that cut across the multiple organizations involved in the
materiel distribution system has been hindered by problems defining who
has accountability and authority for making such improvements.
[This page is intentionally left blank.]
[End of section]
Highlights for Each High-Risk Area:
Overall, the government continues to take high-risk problems seriously
and is making long-needed progress toward correcting them. Congress has
also acted to address several individual high-risk areas through
hearings and legislation. Continued perseverance in addressing high-
risk areas will ultimately yield significant benefits. Lasting
solutions to high-risk problems offer the potential to save billions of
dollars, dramatically improve service to the American public,
strengthen public confidence and trust in the performance and
accountability of our national government, and ensure the ability of
government to deliver on its promises.
We have prepared highlights of each of the 27 high-risk areas on our
updated list, showing (1) why the area is high risk, (2) the actions
that have been taken and that are under way to address the problem
since our last update report as well as the issues that are yet to be
resolved, and (3) what remains to be done to address the risk. These
highlights are presented on the following pages.
Highlights: High-Risk Series: Strategic Human Capital Management:
GAO Highlights:
For additional information about this high-risk area, contact J.
Christopher Mihm at (202) 512-6806 or mihmj@gao.gov.
Why Area Is High Risk:
GAO first added strategic human capital management as a governmentwide
high-risk area in 2001 because federal agencies lacked a strategic
approach to human capital management that integrates human capital
efforts with agency mission and program goals. The area remains high
risk because the federal government now faces one of the most
significant transformations to the civil service in half a century, as
momentum grows toward making governmentwide changes to agency pay,
classification, and performance management systems.
What GAO Found:
Progress in addressing federal human capital challenges has been made
since 2001, but significant opportunities remain to improve strategic
human capital management to respond to current and emerging 21st
century challenges. For example, the federal government has not
transformed, in many cases, how it classifies, compensates, develops,
and motivates its employees to achieve maximum results within available
resources and existing authorities. A key challenge is determining how
to update the government’s classification and compensation systems to
be more market based and performance oriented. Although this shift must
be part of a broader strategy of change management and performance
improvement initiatives, progress was made when Congress and the
administration modernized the senior executive performance-based pay
system by requiring a clearer link between individual and
organizational performance and pay. This shift to a performance-based
pay system can help transform the culture of federal agencies, and the
lessons learned from implementing this reform effort will be critical
to modernizing the performance management and pay systems under which
other federal employees will be compensated. Progress was also made
when Congress recognized that agencies needed more effective human
capital systems to succeed in their transformations. Congress gave the
Departments of Homeland Security and Defense statutory authorities
intended to help them manage their people more strategically. In this
environment, however, where nearly 900,000 employees will work under
systems now exempt from the rules of Title 5, the federal government is
rapidly approaching the point where “standard governmentwide” human
capital policies and process are neither standard nor governmentwide.
Before implementing any future human capital reforms, agencies should
demonstrate they have met certain conditions, including that they have
developed an institutional infrastructure that can support reform. This
infrastructure should include, among other things, (1) a modern,
credible performance management system that provides clear linkage
between institutional, unit, and individual performance-oriented
outcomes; and (2) adequate safeguards to ensure the fair, effective,
credible, and nondiscriminatory implementation of the system. As the
government’s human capital leader, OPM has a key role in helping
agencies build the needed infrastructure and is likely to certify
agency readiness to implement reforms. OPM is taking steps to help
agencies prepare for reform. For example, OPM’s Human Capital
Assessment and Accountability Framework is designed to help agencies
implement effective human capital management systems and improve their
human capital management practices.
Given OPM’s responsibility, it must ensure it has the capacity to
assist agencies and to lead these important human capital
transformations. This includes developing an internal workforce
capacity with adequate skills and competencies, effective partnerships
with the Chief Human Capital Officers Council, and an evaluation
strategy to monitor progress.
What Remains to Be Done:
Moving forward, there is still a need for a governmentwide framework to
advance human capital reform in order to avoid further fragmentation
within the civil service, ensure management flexibility as appropriate,
allow a reasonable degree of consistency, provide adequate safeguards,
and maintain a level playing field among federal agencies competing for
talent. Agencies must continue to assess their workforce needs and make
use of available authorities. Congress should make pay and performance
management reform the first step in any governmentwide reform effort,
and the Office of Personnel Management (OPM) should evaluate and learn
from its approach to implementing the performance-based pay system for
senior executives and apply these lessons to future human capital
reforms.
Related GAO Products:
Strategic Human Capital Management:
Office of Personnel Management: Key Lessons Learned to Date for
Strengthening Capacity to Lead and Implement Human Capital Reforms. GAO-
07-90. Washington, D.C.: January 19, 2007.
Human Capital: Aligning Senior Executives' Performance with
Organizational Results Is an Important Step Toward Governmentwide
Transformation. GAO-06-1125T. Washington, D.C.: September 26, 2006.
Office of Personnel Management: OPM Is Taking Steps to Strengthen Its
Internal Capacity for Leading Human Capital Reform. GAO-06-861T.
Washington, D.C.: June 27, 2006.
Human Capital: Trends in Executive and Judicial Pay. GAO-06-708.
Washington, D.C.: June 21, 2006.
Human Capital: Agencies Are Using Buyouts and Early Outs with
Increasing Frequency to Help Reshape Their Workforces. GAO-06-324.
Washington, D.C.: March 31, 2006.
Human Capital: Observations on Final Regulations for DOD's National
Security Personnel System. GAO-06-227T. Washington, D.C.: November 17,
2005.
Human Capital: Designing and Managing Market-Based and More Performance-
Oriented Pay Systems. GAO-05-1048T. Washington, D.C.: September 27,
2005.
Human Capital: DOD's National Security Personnel System Faces
Implementation Challenges. GAO-05-730. Washington, D.C.: July 14, 2005.
Human Capital: Agencies Need Leadership and the Supporting
Infrastructure to Take Advantage of New Flexibilities. GAO-05-616T.
Washington, D.C.: April 21, 2005.
Human Capital: Observations on Final DHS Human Capital Regulations. GAO-
05-391T. Washington, D.C.: March 2, 2005.
Also see [Hyperlink, http://www.gao.gov] for numerous speeches and
presentations from the Comptroller General on human capital challenges
in general and as they apply to specific agencies.
[End of section]
Highlights of High-Risk Series: Managing Federal Real Property:
GAO Highlights:
For additional information about this high-risk area, contact Mark
Goldstein at (202) 512-2834 or goldsteinm@gao.gov.
Why Area Is High Risk:
In January 2003, GAO designated federal real property as a high-risk
area because of long-standing problems with excess and underutilized
property, deteriorating facilities, unreliable real property data, and
reliance on costly leasing. Federal agencies were also facing many
challenges in protecting their facilities against the threat of
terrorism.
Progress has been made, but the problems that led to the designation of
federal real property as a high-risk area still exist. In addition,
deep-rooted obstacles, including competing stakeholder interests and
legal and budgetary limitations, could significantly hamper a
governmentwide transformation. As a result, this area remains high
risk.
What GAO Found:
The administration and real property-holding agencies have made
progress toward strategically managing federal real property. In
response to the President’s Management Agenda initiative and Executive
Order 13327, issued in February 2004, agencies have, among other
things, established asset management plans, standardized data
reporting, and adopted performance measures. Also, the administration
has created a Federal Real Property Council and plans to work with
Congress to provide agencies with tools to better manage real property.
These are positive steps, but the underlying conditions still exist.
For example, the Departments of Energy (Energy) and Homeland Security
(DHS) and the National Aeronautics and Space Administration (NASA)
reported that over 10 percent of their facilities are excess or
underutilized. In addition, Energy, NASA, the General Services
Administration (GSA), and the Departments of the Interior (Interior),
State (State), and Veterans Affairs (VA) reported repair and
maintenance backlogs for buildings and structures that total over $16
billion. Also, Energy, Interior, GSA, State, and VA reported an
increased reliance on leasing to meet space needs. While agencies have
made progress in collecting real property data, data reliability is
still a challenge at DOD and other agencies. Finally, agencies reported
using risk-based approaches to prioritize security needs, which GAO has
recommended, but cited obstacles such as a lack of resources for
security enhancements.
In past high-risk updates, GAO called for a transformation strategy to
address the long-standing problems in this area. While the
administration’s approach is generally consistent with what GAO
envisioned, certain areas warrant further attention. Specifically,
problems are exacerbated by deep-rooted obstacles that include
competing stakeholder interests, legal and budgetary limitations, and
the need for improved capital planning. For example, agencies cite
local interests as barriers to disposing of excess property and
agencies’ limited ability to pursue ownership leads them to lease
property that would be more cost-effective to own over time.
Figure: Examples of Excess Federal Facilities:
[See PDF for Image]
Source: VA and USPS.
From left to right: former Main VA Hospital Building, Milwaukee; former
Main Post Office, Chicago.
[End of Figure]
What Remains to be Done:
After fully implementing the executive order on real property reform
and related President’s Management Agenda initiatives, agencies will
need to show significant progress toward eliminating the problems that
led to this area’s designation as high risk, such as reducing
inventories of facilities to a minimum and making headway in addressing
the repair backlog. In addition, the Office of Management and Budget
(OMB) and agencies, through the Federal Real Property Council, will
need to focus on developing strategies to address deep-rooted obstacles
to a successful transformation, such as competing stakeholder interests.
Related Products: Managing Federal Real Property:
DOD's Overseas Infrastructure Master Plans Continue to Evolve. GAO-06-
913R. Washington, D.C.: August 22, 2006.
Embassy Construction: State Has Made Progress Constructing New
Embassies, but Better Planning Is Needed for Operations and Maintenance
Requirements. GAO-06-641. Washington, D.C.: June 30, 2006.
Federal Real Property: Most Public Benefit Conveyances Used as
Intended, but Opportunities Exist to Enhance Federal Oversight. GAO-06-
511. Washington, D.C.: June 21, 2006.
Federal Courthouses: Rent Increases Due to New Space and Growing Energy
and Security Costs Require Better Tracking and Management. GAO-06-613.
Washington, D.C.: June 20, 2006.
Homeland Security: Guidance and Standards Are Needed for Measuring the
Effectiveness of Agencies' Facility Protection Efforts. GAO-06-612.
Washington, D.C.: May 31, 2006.
Federal Real Property: Excess and Underutilized Property Is an Ongoing
Problem. GAO-06-248T. Washington, D.C.: February 6, 2006.
Federal Real Property: Reliance on Costly Leasing to Meet New Space
Needs Is an Ongoing Problem. GAO-06-136T. Washington, D.C.: October 6,
2005.
VA Health Care: Key Challenges to Aligning Capital Assets and Enhancing
Veterans' Care. GAO-05-429. Washington, D.C.: August 5, 2005.
Military Bases: Analysis of DOD's 2005 Selection Process and
Recommendations for Base Closures and Realignments. GAO-05-785.
Washington, D.C.: July 1, 2005.
Federal Real Property: Further Actions Needed to Address Long-standing
and Complex Problems. GAO-05-848T. Washington, D.C.: June 22, 2005.
Smithsonian Institution: Facilities Management Reorganization Is
Progressing, but Funding Remains a Challenge. GAO-05-369. Washington,
D.C.: April 25, 2005.
U.S. Postal Service: The Service's Strategy for Realigning Its Mail
Processing Infrastructure Lacks Clarity, Criteria, and Accountability.
GAO-05-261. Washington, D.C.: April 8, 2005.
[End of Section]
Highlights of High-Risk Series: Protecting the Federal Government's
Information Systems and the Nation's Critical Infrastructures:
GAO Highlights:
For additional information about this high-risk area, contact David
Powner at (202) 512-9286 or pownerd@gao.gov, or Gregory C. Wilshusen at
(202) 512-6244 or wilshuseng@gao.gov.
Why Area is High Risk:
Federal agencies and our nation’s critical infrastructures—such as
power distribution, water supply, telecommunications, national defense,
and emergency services— rely extensively on computerized information
systems and electronic data to carry out their missions. The security
of these systems and data is essential to preventing disruptions in
critical operations, fraud, and inappropriate disclosure of sensitive
information. Protecting federal computer systems and the systems that
support critical infrastructures—referred to as cyber critical
infrastructure protection, or cyber CIP—is a continuing concern.
Federal information security has been on GAO’s list of high-risk areas
since 1997; in 2003, GAO expanded this high-risk area to include cyber
CIP. The continued risks to information systems include escalating and
emerging threats such as phishing, spyware, and spam; the ease of
obtaining and using hacking tools; the steady advance in the
sophistication of attack technology; and the emergence of new and more
destructive attacks.
What GAO Found:
With the enactment of the Federal Information Security Management Act
of 2002 (FISMA), Congress continued its work to improve federal
information security by permanently authorizing and strengthening key
information security requirements. The administration has also made
progress in a number of efforts, including issuing guidance to federal
agencies on appropriate measures to protect sensitive information. In
addition, the governmentwide percentage of information systems reported
as completing formal technical evaluation and receiving management
authorization to operate increased from 62 percent to 85 percent
between 2003 and 2005. However, significant information security
weaknesses at federal agencies continue to place a broad array of
federal operations and assets at risk of fraud, misuse, and disruption.
Although recent reporting by these agencies showed some improvements,
GAO found that many still have not complied consistently with FISMA’s
overall requirement to develop, document, and implement agencywide
information security programs. For example, agencies are not
consistently:
* developing and maintaining current security plans,
* creating and testing contingency plans, and:
* evaluating and monitoring the effectiveness of security controls
managed by contractors.
Without consistent implementation of information security management
programs, weaknesses in information security controls will persist.
As the focal point for federal efforts to protect the nation’s critical
infrastructures, the Department of Homeland Security (DHS) and its
National Cyber Security Division have key cybersecurity
responsibilities. These include developing a national plan for critical
infrastructure protection, including cybersecurity; planning for and
coordinating cyber incident response and recovery; and identifying and
assessing cyber threats and vulnerabilities. DHS has taken steps to
fulfill its responsibilities, including establishing the U.S. Computer
Emergency Readiness Team, developing high-level plans for
infrastructure protection and incident response, establishing
public/private working groups to facilitate coordination among
government and industry, and organizing exercises in which government
and private industry can practice responding to cyber events. However,
DHS has not yet completely fulfilled any of its key responsibilities.
For example, DHS has not yet developed national cyber threat and
vulnerability assessments or public/private recovery plans for
cybersecurity. Progress has been impeded by several challenges,
including the reluctance of many in the private sector to share
information with DHS, and a lack of departmental organizational
stability and leadership needed to gain the trust of other stakeholders
in the cybersecurity world. Until DHS fulfills its cybersecurity
responsibilities, our nation’s critical infrastructures will remain at
risk.
What Remains to Be Done:
Additional federal efforts are needed to establish effective
information security programs that are consistent with FISMA, including
testing and evaluating the effectiveness of controls and resolving
known weaknesses. Federal cyber CIP actions should include implementing
plans to fulfill key cybersecurity responsibilities, such as improving
analysis and warning capabilities and developing a public/private
Internet recovery plan.
Related Products: Protecting the Federal Government's Information
Systems and the nation's Critical Infrastructures:
Information Security: Federal Reserve Needs to Address Treasury Auction
Systems. GAO-06-659. Washington, D.C.: August 30, 2006.
Information Security: Leadership Needed to Address Weaknesses and
Privacy Issues at Veterans Affairs. GAO-06-897T. Washington, D.C.: June
20, 2006.
DHS Faces Challenges in Developing a Joint Public/Private Recovery
Plan, GAO-06-672. Washington, D.C.: June 16, 2006.
Information Security: Continued Progress Needed to Strengthen Controls
at the Internal Revenue Service. GAO-06-328. Washington, D.C.: March
23, 2006.
Information Sharing: The Federal Government Needs to Establish Policies
and Processes for Sharing Terrorism-Related and Sensitive but
Unclassified Information. GAO-06-385. Washington, D.C.: March 17,
2006.
Information Security: Federal Agencies Show Mixed Progress in
Implementing Statutory Requirements. GAO-06-527T. Washington, D.C.:
March 16, 2006.
Information Security: Department of Health and Human Services Needs to
Fully Implement Its Program. GAO-06-267. Washington, D.C.: February 24,
2006.
Information Security: Progress Made, but Federal Aviation
Administration Needs to Improve Controls over Air Traffic Control
Systems. GAO-05-712. Washington, D.C.: August 26, 2005.
Critical Infrastructure Protection: Department of Homeland Security
Faces Challenges in Fulfilling Cybersecurity Responsibilities, GAO-05-
434. Washington, D.C.: May 26, 2005.
Information Security: Federal Agencies Need to Improve Controls over
Wireless Networks. GAO-05-383. Washington, D.C.: May 17, 2005.
Information Security: Emerging Cybersecurity Issues Threaten Federal
Information Systems. GAO-05-231. Washington, D.C.: May 13, 2005.
Information Security: Improving Oversight of Access to Federal Systems
and Data by Contractors Can Reduce Risk. GAO-05-362. Washington, D.C.:
April 22, 2005.
[End of Section]
Highlights: High-Risk Series: Implementing and Transforming the
Department of Homeland Security:
GAO Highlights:
For additional information about this high-risk area, contact Norm
Rabkin at (202) 512-8777 or rabkinn@gao.gov.
Why Area Is High Risk:
GAO designated implementing and transforming the Department of Homeland
Security (DHS) as high risk in 2003 because DHS had to transform 22
agencies—several with major management challenges—into one department,
and failure to effectively address its management challenges and
program risks could have serious consequences for our national
security. The areas GAO identified as at risk include planning and
priority setting; accountability and oversight; and a broad array of
management, programmatic, and partnering challenges.
What GAO Found:
Although DHS has made progress transforming its 22 agencies into a
fully functioning department, this transformation remains high risk.
DHS has yet to implement a corrective action plan that includes a
comprehensive transformation strategy and its management
systems—especially related to financial, information, acquisition, and
human capital management—are not yet integrated and wholly operational.
DHS also faces challenges to effectively carry out its program
activities and enhance partnerships with private and public sector
entities to leverage resources. The array of management and
programmatic challenges continues to limit DHS’s ability to carry out
its roles under the National Homeland Security Strategy in an effective
risk-based way.
A DHS-wide transformation strategy should include a strategic plan that
identifies specific budgetary, human capital, and other resources
needed to achieve stated goals. The strategy also should involve key
stakeholders to ensure resource investments target the highest
priorities. GAO’s work has shown that several DHS programs have not
developed outcome-based measures to assess performance. Further, DHS is
limited in its ability to use risk management to guide resource use, as
DHS has not performed comprehensive risk assessments in transportation,
trade, critical infrastructure, or immigration and customs systems.
Serious transformation challenges remain in DHS management systems. For
example, DHS lacks a comprehensive management strategy with overall
goals, timelines, and a team dedicated to support its integration
efforts. Also, the latest independent audit of DHS’s financial
statements revealed 10 material weaknesses and confirmed that DHS’s
financial management systems still do not conform to federal
requirements. Further, DHS has not institutionalized a strategic
framework for information management to, among other things, guide
technology investments; and DHS human capital and acquisition systems
will require continued attention to help prevent waste and ensure that
DHS can allocate its resources efficiently and effectively.
Since GAO’s January 2005 high-risk update, DHS has taken actions to
improve program activities in areas such as cargo, transportation, and
border security; Coast Guard management; disaster preparedness; and
immigration services. However, DHS continues to face programmatic and
partnering challenges. To help ensure its missions are achieved, DHS
must overcome continued challenges related to cargo, transportation,
and border security; systematic visitor tracking; outdated Coast Guard
asset capabilities; and balancing homeland security with other
missions, such as disaster preparedness. DHS and the Federal Emergency
Management Agency have made progress in forming partnerships to better
prepare for and execute disaster response, but they need to continue to
develop (1) clearly defined leadership roles and responsibilities, (2)
necessary disaster response capabilities, and (3) accountability
systems to provide effective services while protecting against waste,
fraud, and abuse.
What Remains to Be Done:
GAO’s prior work on mergers and acquisitions, undertaken before the
creation of DHS, concluded that successful transformations of large
organizations, even those faced with less strenuous reorganizations
than DHS, can take years to achieve. For DHS to successfully transform
into a more effective organization, it needs to (1) develop a
departmentwide transformation strategy that adopts risk management and
strategic management principles and establishes key milestones and
performance measures to focus its limited resources; (2) improve
management systems, including financial systems, information
management, human capital, and acquisitions; and (3) continue to
identify and implement corrective actions to address programmatic and
partnering challenges.
GAO Products:
Aviation Security: TSA Oversight of Checked Baggage Screening
Procedures Could Be Strengthened. GAO-06-869. Washington, D.C.: July
28, 2006.
Homeland Security: Challenges in Creating an Effective Acquisition
Organization. GAO-06-1012T. Washington, D.C.: July 27, 2006.
Homeland Security: Progress Continues, but Challenges Remain on
Department's Management of Information Technology. GAO-06-598T.
Washington, D.C.: March 29, 2006.
Financial Management Systems: DHS Has an Opportunity to Incorporate
Best Practices in Modernization Efforts. GAO-06-553T. Washington, D.C.:
March 29, 2006.
Emergency Preparedness and Response: Some Issues and Challenges
Associated with Major Emergency Incidents. GAO-06-467T. Washington,
D.C.: February 23, 2006.
Risk Management: Further Refinements Needed to Assess Risks and
Prioritize Protective Measures at Ports and Other Critical
Infrastructure. GAO-06-91. Washington, D.C.: December 15, 2005.
Department of Homeland Security: Strategic Management of Training
Important for Successful Transformation. GAO-05-888. Washington, D.C.:
September 23, 2005.
Results-Oriented Government: Improvements to DHS's Planning Process
Would Enhance Usefulness and Accountability. GAO-05-300. Washington,
D.C.: March 31, 2005.
Department of Homeland Security: A Comprehensive and Sustained Approach
Needed to Achieve Management Integration. GAO-05-139. Washington, D.C.:
March 16, 2005.
DHS Products:
Major Management Challenges Facing the Department of Homeland Security.
DHS Office of the Inspector General. OIG-07-12. Washington, D.C.:
December 2006.
[End of section]
Highlights: High-Risk Series: Establishing Appropriate and Effective
Information-Sharing Mechanisms to Improve Homeland Security:
GAO Highlights:
For additional information about this high-risk area, contact Eileen
Larence, at (202) 512-6510, larencee@gao.gov, or Dave Powner, (202) 512-
9286 or pownerd@gao.gov.
Why Area Is High Risk:
In January 2005, we designated information sharing for homeland
security a high-risk area because the federal government still faces
formidable challenges in analyzing and disseminating key information
among federal, state, local, and private partners in a timely,
accurate, and useful manner. Since 9/11, multiple federal agencies have
been assigned key roles for improving the sharing of information
critical to homeland protection to address a major vulnerability
exposed by the attacks, and this important function has received
increasing attention. However, the underlying conditions that led to
the designation continue and more needs to be done to address these
problems and the obstacles that hinder information sharing. As a
result, this area remains high risk.
What GAO Found:
More than 5 years after 9/11, the federal government still lacks an
implemented set of policies and processes for sharing terrorism
information, but has issued a government-wide strategy on how it will
put in place the overall framework, policies, and architecture for
sharing with critical partners—actions that we and others have
recommended. Agencies also have taken a number of independent steps to
better share information, but they must be successfully integrated into
this framework.
Progress at the federal level to improve sharing includes creation of
the National Counterterrorism Center to operate as a partnership of
intelligence agencies so they can analyze and disseminate national
intelligence data; creation of a national database of known and
suspected terrorists for screening persons coming into and exiting the
country; and formation of a working group to resolve agencies’ myriad
requirements for restricting access to sensitive information. However,
as we reported in March 2006, the federal government still has not
implemented the governmentwide policies and processes that the 9/11
Commission recommended and that Congress mandated. For example, the
Intelligence Reform and Terrorism Prevention Act of 2004 required that
action be taken to facilitate the sharing of terrorism information by
establishing an “information sharing environment (ISE),” yet this
environment remains in the planning stage. A final plan for the
environment, which was released on November 16, 2006, defines key tasks
and milestones for developing the information sharing environment,
including identifying barriers and ways to resolve them, as GAO
recommended. Completing the information sharing environment is a
complex task that will take multiple years and long-term administration
and congressional support and oversight, and will pose cultural,
operational, and technical challenges that will require a collaborated
response.
Federal agencies are also focusing on better sharing with states,
localities, and the private sector—a critical step since they are our
first line of defense against terrorists—but these efforts are not
without challenges. The Federal Bureau of Investigation (FBI) has
expanded its Joint Terrorism Task Forces that bring together personnel
from all levels of government. The Department of Homeland Security
(DHS) implemented an information network to share homeland security
information. States and localities are creating their own information
“fusion” centers, some with FBI and DHS support. And DHS has
implemented a program to protect sensitive information the private
sector provides on security at critical infrastructure assets, such as
nuclear and chemical facilities. But, the DHS Inspector General found
that users of the information network were confused and frustrated with
the system and as a result do not regularly use it; and DHS has still
not won all of the private sector’s trust that the agency can
adequately protect and effectively use the information that sector
provides. These challenges will require longer-term actions to resolve.
What Remains to Be Done:
GAO has made several recommendations agencies are beginning to address,
including:
* assessing progress made on the key steps and milestones implementing
the ISE and removing barriers to implementation;
* consolidating and consistently applying restrictions on sensitive
information so they do not hinder sharing; and:
* defining what information agencies need from the private sector for
homeland security, how they will use it, and how they will protect it,
as well as providing incentives and building trusted relationships to
promote sharing with these critical security partners.
Related Products: Establishing Appropriate and Effective Information-
Sharing Mechanisms to Improve Homeland Security:
Managing Sensitive Information: DOJ Needs a More Complete Staffing
Strategy for Managing Classified Information and a Set of Internal
Controls for Other Sensitive Information. GAO-07-83. Washington, D.C.:
October 20, 2006.
Critical Infrastructure Protection: Progress Coordinating Government
and Private Sector Efforts Varies by Sectors' Characteristics. GAO-07-
39. Washington, D.C.: October 16, 2006.
Terrorist Watch List Screening: Efforts to Help Reduce Adverse Effects
on the Public. GAO-06-1031. Washington, D.C.: September 29, 2006.
Critical Infrastructure Protection: DHS Leadership Needed to Enhance
Cybersecurity. GAO-06-1087T. Washington, D.C.: September 13, 2006.
Maritime Security: Information-Sharing Efforts Are Improving. GAO-06-
933T. Washington, D.C.: July 10, 2006.
Managing Sensitive Information: Actions Needed to Ensure Recent Changes
in DOE Oversight Do Not Weaken an Effective Classification System. GAO-
06-785. Washington, D.C.: June 30, 2006.
Managing Sensitive Information: DOD Can More Effectively Reduce the
Risk of Classification Errors. GAO-06-706. Washington, D.C.: June 30,
2006.
Information Sharing: DHS Should Take Steps to Encourage More Widespread
Use of Its Program to Protect and Share Critical Infrastructure
Information. GAO-06-383. Washington, D.C.: April 17, 2006.
Information Sharing: The Federal Government Needs to Establish Policies
and Processes for Sharing Terrorism-Related and Sensitive but
Unclassified Information. GAO-06-385. Washington, D.C.: March 17, 2006.
[End of section]
Highlights: High-Risk Series: Department of Defense Approach to
Business Transformation:
GAO Highlights:
For additional information about this high-risk area, contact Sharon
Pickup at (202) 512-9619 or pickups@gao.gov.
Why Area Is High Risk:
In 2005, GAO added the Department of Defense’s (DOD) approach to
business transformation as a high-risk area because (1) DOD’s business
improvement efforts and control over resources were fragmented, (2) DOD
lacked an integrated and enterprisewide business transformation plan
and investment strategy, and (3) DOD had not designated a senior
management official at an appropriate level with the authority to be
responsible and accountable for enterprisewide business
transformation. To illustrate the magnitude of the risk DOD faces with
its business transformation efforts, the department bears sole
responsibility for eight defense-specific high-risk areas and shares
responsibility for six other high-risk areas—all of which are related
to business operations.
What GAO Found:
DOD spends billions of dollars to sustain key business operations
intended to support the warfighter, including systems and processes
related to the management of contracts, finances, the supply chain,
support infrastructure, and weapons systems acquisition. GAO has
reported on inefficiencies in DOD’s business operations, such as the
lack of sustained leadership and a comprehensive, integrated, and
enterprisewide business plan. Moreover, at a time of increasing
military operations and growing fiscal constraints, billions of dollars
have been wasted annually because of the lack of adequate transparency
and appropriate accountability across DOD’s business areas.
DOD’s top management has demonstrated a commitment to transforming the
department’s business operations and has established a governance
structure that consists of several elements. For example, in September
2006, DOD released an enterprise transition plan that is intended to be
both a roadmap and management tool for modernizing its business
processes and information technology assets. DOD also established the
Defense Business Systems Management Committee (DBSMC), which is
composed of senior-level DOD officials and is intended to serve as the
primary transformation leadership and oversight mechanism, and the
Business Transformation Agency (BTA) to support the DBSMC. BTA is to
execute enterprise-level business transformation by, among other
things, integrating departmental lines of business, following a
corporate model. Finally, as required by Congress, DOD is studying the
feasibility and advisability of establishing a Chief Management Officer
(CMO) to oversee the department’s business transformation process. As
part of this effort, the Defense Business Board, an advisory panel,
examined various options and endorsed the CMO concept in May 2006.
These steps are positive, but DOD still lacks some critical elements
that are needed to ensure a successful and sustainable business
transformation effort. While the enterprise transition plan and
supporting governance structure are important steps toward developing a
strategic plan and DOD-wide oversight, the primary focus has been on
business systems modernization. Enterprise-level business
transformation is much broader—encompassing planning, management,
structure, and processes. DOD’s lack of a comprehensive, integrated,
enterprisewide business transformation plan linked with performance
goals, objectives, and rewards for all key business areas has been a
continuing weakness. Such an integrated transformation plan would be
instrumental in setting investment priorities and guiding key resource
decisions. DOD also continues to lack the sustained leadership at the
right level to achieve successful and lasting transformation. The DBSMC
is led by political appointees whose terms expire when administrations
change and does not provide long-term sustained leadership needed to
successfully achieve business transformation. Because of the complexity
and long-term nature of DOD’s business transformation efforts, a CMO
with significant authority, experience, and tenure is needed to provide
sustained leadership and momentum.
What Remains to Be Done:
DOD still needs to develop a clear, comprehensive, integrated, and
enterprisewide business transformation plan that addresses all of DOD’s
major business areas and includes specific goals, measures, and
accountability mechanisms to measure progress. DOD also needs to
establish sustained leadership that is responsible and accountable for
overall business transformation efforts. One option to achieve this
goal is to legislatively create a chief management officer to provide
sustained leadership and have overall responsibility and accountability
for business transformation.
Related products: Department of Defense Approach to Business
Transformation:
Defense Business Transformation: A Comprehensive Plan, Integrated
Efforts, and Sustained Leadership Are Needed to Ensure Success. GAO-07-
229T. Washington, D.C.: November 16, 2006.
Defense Transformation: Accountability Challenges. GAO-06-1083CG.
Washington, D.C.: August 22, 2006.
Department of Defense: Sustained Leadership Is Critical to Effective
Financial and Business Management Transformation. GAO-06-1006T.
Washington, D.C.: August 3, 2006.
Business Systems Modernization: DOD Continues to Improve Institutional
Approach, but Further Steps Needed. GAO-06-658. Washington, D.C.: May
15, 2006.
GAO High-Risk Program. GAO-06-497T. Washington, D.C.: March 15, 2006.
Defense Management: Additional Actions Needed to Enhance DOD's Risk-
Based Approach for Making Resource Decisions. GAO-06-13. Washington,
D.C.: November 15, 2005.
Defense Management: Foundational Steps Being Taken to Manage DOD
Business Systems Modernization, but Much Remains to Be Accomplished to
Effect True Business Transformation. GAO-06-234T. Washington, D.C.:
November 9, 2005.
21st Century Challenges: Transforming Government to Meet Current and
Emerging Challenges. GAO-05-830T. Washington, D.C.: July 13, 2005.
DOD Business Transformation: Sustained Leadership Needed to Address
Long-standing Financial and Business Management Problems. GAO-05-723T.
Washington, D.C.: June 8, 2005.
Defense Management: Key Elements Needed to Successfully Transform DOD
Business Operations. GAO-05-629T. Washington, D.C.: April 28, 2005.
Transformation Challenges. presentation to the Defense Business
Transformation Forum. Queenstown, MD: April 17, 2005.
Defense Management: Successful Business Transformation Requires Sound
Strategic Planning and Sustained Leadership. GAO-05-520T. Washington,
D.C.: April 13, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Business Systems
Modernization:
GAO Highlights:
For additional information about this high-risk area, contact Randolph
C. Hite at (202) 512-3439 or hiter@gao.gov.
Why Area Is High Risk:
The Department of Defense (DOD) is spending billions of dollars to
modernize its business systems as part of its overall business
transformation efforts. While DOD has made important progress on key
aspects of its business systems modernization efforts, challenges
remain. As a result, DOD as a whole is not yet where it needs to be to
effectively and efficiently manage an undertaking with the size,
complexity, and significance of its departmentwide business systems
modernization. GAO first designated this program as high risk in 1995;
it remains so today.
What GAO Found:
DOD, one of the largest and most complex organizations in the world,
reportedly relies on over 3,100 business systems to support its
business functions. For years, DOD has attempted to modernize these
systems, and GAO has provided numerous recommendations to help it do
so. For example, in 2001, GAO provided the department with a set of
recommendations to help in developing and using an enterprise
architecture (modernization blueprint) and establishing effective
investment management controls to guide and constrain how the billions
of dollars each year are spent on business systems. GAO also made
numerous project-specific and DOD-wide recommendations aimed at
ensuring that the department follows proven best practices when it
acquires information technology (IT) systems and services.
To its credit, DOD has made important progress in defining and
beginning to implement institutional management controls. For example,
the department has developed a revision of its business enterprise
architecture that addresses important elements related to legislative
provisions and best practices that we previously identified as missing.
In addition, it has defined and begun implementing investment controls
to guide and constrain its departmentwide systems modernization.
However, the business enterprise architecture (and its supporting
component architectures) does not yet include all of the elements
needed to provide a sufficient frame of reference to optimally guide
and constrain DOD-wide system investment decision making. In addition,
the scope and intent of the department’s business systems transition
plan do not address DOD’s complete portfolio of IT investments.
Further, the business system investment process is not fully evolved
and institutionalized at all levels of the organization.
Beyond this, the more formidable challenge to addressing this high-risk
area is ensuring that the thousands of DOD business system programs and
projects and IT services employ acquisition management rigor and
discipline. Specifically, our work has continued to show program-
specific management weaknesses, including not economically justifying
investments on the basis of reliable estimates of future costs and
benefits; not pursuing investments within the context of an enterprise
architecture; and not adequately conducting key acquisition functions,
such as requirements management, risk management, test management,
performance management, and contract management.
Until DOD fully defines and consistently implements the full range of
business systems modernization management controls (institutional and
program specific), it will be not be able to adequately ensure that its
IT system and service investments are the right solutions for
addressing its business needs, that they are being managed to produce
expected capabilities efficiently and cost effectively, and that
business stakeholders are satisfied.
What Remains to Be Done:
Key aspects of the business systems modernization efforts still need to
be fully addressed. At the institutional level, the supporting
component architectures need to be developed and aligned with the
corporate architecture to complete the federated business enterprise
architecture, the enterprise transition plan needs to be expanded to
include the department’s complete investment portfolios, and the
investment process needs to evolve and be institutionalized at all
levels of the organization. Furthermore, DOD needs to ensure that its
business system programs and projects are managed with integrated
institutional controls and that they consistently deliver promised
benefits and capabilities on time and within budget.
Related Products: Department of Defense Business Systems Modernization:
Department of Defense: Sustained Leadership Is Critical to Effective
Financial and Business Management Transformation. GAO-06-1006T.
Washington, D.C.: August 3, 2006.
Business Systems Modernization: DOD Continues to Improve Institutional
Approach, but Further Steps Needed. GAO-06-658. Washington, D.C.: May
15, 2006.
DOD Business Transformation: Defense Travel System Continues to Face
Implementation Challenges. GAO-06-18. Washington, D.C.: January 18,
2006.
DOD Systems Modernization: Uncertain Joint Use and Marginal Expected
Value of Military Asset Deployment System Warrant Reassessment of
Planned Investment. GAO-06-171. Washington, D.C.: December 15, 2005.
DOD Systems Modernization: Planned Investment in the Naval Tactical
Command Support System Needs to Be Reassessed. GAO-06-215. Washington,
D.C.: December 5, 2005.
DOD Business Systems Modernization: Important Progress Made in
Establishing Foundational Architecture Products and Investment
Management Practices, but Much Work Remains. GAO-06-219. Washington,
D.C.: November 23, 2005.
Defense Management: Foundational Steps Being Taken to Manage DOD
Business Systems Modernization, but Much Remains to Be Accomplished to
Effect True Business Transformation. GAO-06-234T. Washington, D.C.:
November 9, 2005.
DOD Business Systems Modernization: Long-standing Weaknesses in
Enterprise Architecture Development Need to Be Addressed. GAO-05-702.
Washington, D.C.: July 22, 2005.
Army Depot Maintenance: Ineffective Oversight of Depot Maintenance
Operations and System Implementation Efforts. GAO-05-441. Washington,
D.C.: June 30, 2005.
DOD Business Transformation: Sustained Leadership Needed to Address
Long-standing Financial and Business Management Problems. GAO-05-723T.
Washington, D.C.: June 8, 2005.
DOD Systems Modernization: Management of Integrated Military Human
Capital Program Needs Additional Improvements. GAO-05-189. Washington,
D.C.: February 11, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Personnel Security
Clearance Program:
GAO Highlights:
For additional information about this high-risk area, contact Derek B.
Stewart at (202) 512-5559 or stewartd@gao.gov.
Why Area Is High Risk:
The Department of Defense (DOD) is responsible for about 2.5 million
security clearances issued to servicemembers, DOD civilians, and
industry personnel who work on contracts for DOD and 23 other federal
agencies. The clearances give workers access to information, the
unauthorized disclosure of which could, in some cases, cause
exceptionally grave damage.
Long-standing delays in determining clearance eligibility and other
challenges led GAO to designate DOD’s personnel security clearance
program as a high-risk area in January 2005. DOD transferred its
security clearance investigations functions to the Office of Personnel
Management (OPM) in February 2005 and now obtains almost all of its
clearance investigations from OPM, which conducts about 90 percent of
all federal clearance investigations. Executive Order 13381 assigned
the Office of Management and Budget (OMB) responsibility for effective
implementation of policy relating to determinations of eligibility for
access to classified information.
What GAO Found:
Problems continue with DOD’s clearance program even though OMB, OPM,
and DOD took positive steps to monitor some GAO-identified concerns.
For example, their November 2005 plan outlined many timeliness
measures, but included only two measures of quality, both of which were
deficient. DOD’s consistently inaccurate projections of clearance
requests have impeded workload planning and funding. Although OMB set a
government goal of projected cases and actual requests being within 5
percent of one another, OPM reported that DOD exceeded its projected
number by 59 percent for the first half of fiscal year 2006. In
addition, GAO reviewed 50 OPM-produced investigative reports and found
documentation missing from 47. Despite the missing information, which
in most cases pertained to residences, employment, and education, DOD
adjudicators granted clearance eligibility but did not request missing
investigative information or fully document unresolved issues in 27 of
the 50 reviewed reports. Incomplete investigative or adjudicative
reports could undermine OMB’s efforts to achieve clearance reciprocity
(an agency accepting a clearance awarded by another agency). OPM has
reported that it is using new personnel and procedures to improve the
quality of its investigative reports.
Furthermore, clearances continue to take longer than the time
prescribed in government goals. This occurred in the application-
submission, investigation, and adjudication (determining clearance
eligibility) phases of the clearance process, despite positive steps
that include additional congressional and OMB oversight, DOD’s growing
use of OPM’s electronic application-submission system, and OPM
obtaining more investigators. For example, GAO found that the
application-submission phase averaged 111 days for industry personnel
seeking initial top secret clearances, but the government goal is 14
days. Multiple reviews of applications and manually entering data from
paper forms are two reasons for the delays. OPM stated that paper
submissions take on average 14 days longer than electronic submissions.
For August 2006, OPM reported that 54 percent of DOD applications were
submitted using OPM’s electronic submission system. In the
investigation phase, GAO found that it took an average of 286 days for
initial clearances—compared with the goal of 180 days—and 419 days for
clearance updates for the 2,259 industry personnel who were granted
clearance eligibility in January and February 2006. Although OPM
increased its workforce, it faces many impediments to improving
investigation timeliness, including the backlog of requests for
investigations and difficulty obtaining national, state, and local
records. The average time for adjudication was 39 days for industry
personnel, compared with a mandate that starts in December 2006
requiring that 80 percent of adjudications be completed in 30 days. DOD
adjudicators have, however, noted that current procedures to measure
adjudication timeliness include 2-3 weeks for OPM to print and ship its
investigative reports, rather than delivering them electronically.
Delays in determining initial clearance eligibility can increase the
cost of performing classified work, and delays in updating clearances
may increase the risk of national security breaches.
What Remains to Be Done:
To improve its security clearance program, DOD needs to take actions
that include (1) improving the accuracy of its projected need for
clearances, (2) working with OMB and OPM to fully measure and report
all of the time required to determine clearance eligibility, (3)
partnering with OPM to improve the timeliness and completeness of
clearance-application submissions and investigative reports, and (4)
implementing procedures to eliminate documentation problems.
Related products: Department of Defense Personnel Security Clearance
Program:
DOD Personnel Clearances: Additional OMB Actions Are Needed to Improve
the Security Clearance Process. GAO-06-1070. Washington, D.C.:
September 28, 2006.
DOD Personnel Clearances: Questions and Answers for the Record
Following the Second in a Series of Hearings on Fixing the Security
Clearance Process. GAO-06-693R. Washington, D.C.: June 14, 2006.
DOD Personnel Clearances: New Concerns Slow Processing of Clearances
for Industry Personnel. GAO-06-748T. Washington, D.C.: May 17, 2006.
DOD Personnel Clearances: Funding Challenges and Other Impediments Slow
Clearances for Industry Personnel. GAO-06-747T. Washington, D.C.: May
17, 2006.
Questions for the Record Related to DOD's Personnel Security Clearance
Program and the Government Plan for Improving the Clearance Process.
GAO-06-323R. Washington, D.C.: January 17, 2006.
DOD Personnel Clearances: Government Plan Addresses Some Long-standing
Problems with DOD's Program, But Concerns Remain. GAO-06-233T.
Washington, D.C.: November 9, 2005.
Questions for the Record Related to DOD's Personnel Security Clearance
Program. GAO-05-988R. Washington, D.C.: August 19, 2005.
DOD Personnel Clearances: Some Progress Has Been Made but Hurdles
Remain to Overcome the Challenges That Led to GAO's High-Risk
Designation. GAO-05-842T. Washington, D.C.: June 28, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Support
Infrastructure Management:
GAO Highlights:
For additional information about this high-risk area, contact Henry L.
Hinton at (202) 512-4300 or hintonh@gao.gov.
Why Area Is High Risk:
In 1997, GAO identified the Department of Defense’s (DOD) management of
its support infrastructure as a high-risk area because infrastructure
costs impacted the department’s ability to devote funds to other more
critical programs and needs. GAO has frequently reported in recent
years on the long-term challenges DOD faces in managing its portfolio
of facilities, halting the degradation of facilities, and reducing
unneeded infrastructure to free up funds to better maintain enduring
facilities and meet other needs. Because of these long-standing issues,
DOD’s management of support infrastructure remains a high-risk area.
What GAO Found:
While DOD has made progress and expects to continue to improve its
support infrastructure, it faces long-term challenges. Following the
end of the Cold War, DOD reduced the size of its military force, and
efforts have been made to reduce its infrastructure through five
domestic base realignment and closure rounds, consolidation of overseas
bases, and demolition of excess facilities. DOD is also updating its
installations strategic plan to better address infrastructure issues,
revising its readiness reporting to better gauge facility conditions,
establishing real property inventory data requirements to better
support the needs of asset management, and continuing to modify its
suite of analytical tools to better forecast funding requirements. DOD
has also achieved efficiencies and quality-of-life improvements through
the privatization of military family housing and through the renovation
and new construction of barracks for single service members.
Opportunities remain to further reduce DOD’s infrastructure;
additionally, the department continues to face significant challenges
in funding its base operations and the sustainment, restoration, and
modernization of its facilities as well as addressing lingering
management issues. Although DOD has reported that it has reduced its
domestic infrastructure by about 20 percent in the first four base
closure rounds, questions exist regarding the actual amount of
facilities to be reduced in the latest base closure round. At the same
time, DOD officials recognize that the department will continue to have
excess facilities and a long-term need for its facilities disposal
program. Also, questions continue to be raised over the adequacy of
funds provided to base operations support services and to the
sustainment, restoration, and modernization of facilities. In a 2005
report, GAO noted that DOD did not have a common framework for
identifying base-operating support functions and funding requirements
to ensure adequate delivery of services, particularly in a joint
environment. GAO reported that hundreds of millions of operation and
maintenance dollars designated for facilities sustainment and other
purposes were moved by the services to pay for base operations support
due in part to (1) funding shortfalls, (2) a lack of a common
terminology across the services in defining base support functions, and
(3) the lack of a mature analytic process for developing credible and
consistent requirements. While such funding movements are permissible,
GAO found that they were disruptive to the orderly provision of
services and contributed to the overall degradation of facilities. In
another report, GAO found that many of DOD’s training ranges were in
deteriorated condition and lacked modernization which adversely
affected training activities and jeopardized the safety of military
personnel. GAO also reported that there were opportunities for DOD to
strengthen the management and implementation of its global basing
strategy, improve the management of its utilities privatization
program, and enhance the oversight of its privatized housing projects.
Concerns continued to be raised by various installation officials in
fiscal year 2006 over shortfalls in funding for base operations and
facilities.
What Remains to Be Done:
DOD needs a comprehensive, integrated, long-range plan to better guide,
justify funding requirements, and sustain the implementation of its
infrastructure initiatives. The plan should clearly establish goals and
milestones, identify specific tasks in improving quality of life and
readiness, capture shortfalls, include metrics to measure progress,
assign responsibilities for managing and coordinating the various
efforts, and identify the resources needed to meet DOD’s vision for its
infrastructure. A key to making this approach successful is management
commitment to obtain adequate resources for the diverse initiatives
that will resolve DOD’s infrastructure issues when other important
priorities, such as the global war on terrorism and modernization,
compete for funding.
Related Products: Department of Defense Support Infrastructure
Management:
Defense Management: Comprehensive Strategy and Annual Reporting Are
Needed to Measure Progress and Costs of DOD's Global Posture
Restructuring. GAO-06-852. Washington, D.C.: September 13, 2006.
Defense Infrastructure: Actions Taken to Improve the Management of
Utility Privatization, but Some Concerns Remain. GAO-06-914.
Washington, D.C.: September 5, 2006.
DOD's Overseas Infrastructure Master Plans Continue to Evolve. GAO-06-
913R. Washington, D.C.: August 22, 2006.
Limitations in the Air Force's Proposed Housing Plan for Spangdahlem
Air Base, Germany. GAO-06-736R. Washington, D.C.: May 19, 2006.
Military Housing: Management Issues Require Attention as the
Privatization Program Matures. GAO-06-438. Washington, D.C.: April 28,
2006.
Military Training: Funding Requests for Joint Urban Operations Training
and Facilities Should Be Based on Sound Strategy and Requirements. GAO-
06-193. Washington, D.C.: December 8, 2005.
Military Bases: Observations on DOD's 2005 Base Realignment and Closure
Selection Process and Recommendations. GAO-05-905. Washington, D.C.:
July 18, 2005.
Military Bases: Analysis of DOD's 2005 Selection Process and
Recommendations for Base Closures and Realignments. GAO-05-785.
Washington, D.C.: July 1, 2005.
Defense Infrastructure: Issues Need to Be Addressed in Managing and
Funding Base Operations and Facilities Support. GAO-05-556. Washington,
D.C.: June 15, 2005.
Military Training: Better Planning and Funding Priority Needed to
Improve Conditions of Military Training Ranges. GAO-05-534. Washington,
D.C.: June 10, 2005.
Defense Infrastructure: Management Issue Requiring Attention in Utility
Privatization. GAO-05-433. Washington, D.C.: May 12, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Financial
Management:
GAO Highlights:
For additional information about this high-risk area, contact McCoy
Williams at (202) 512-9095 or williamsm1@gao.gov.
Why Area is High Risk:
The Department of Defense (DOD) is a massive and complex organization.
Efficient and effective management and accountability of DOD’s hundreds
of billions of dollars of resources require timely, reliable, and
useful information. However, DOD’s pervasive financial and related
business management and system deficiencies adversely affect its
ability to control costs; ensure basic accountability; anticipate
future costs and claims on the budget; measure performance; maintain
funds control; prevent and detect fraud, waste, and abuse; and address
pressing management issues. GAO first designated DOD financial
management as high risk in 1995.
What GAO Found:
DOD’s senior civilian and military leaders, committed to the
department’s business transformation effort, continue to take positive
steps towards improving DOD’s financial and related-business
operations. However, to date, tangible evidence of improvement remains
limited. DOD’s continuing, substantial financial management weaknesses
adversely affect its ability to produce auditable financial
information, and more importantly, to provide timely and reliable
information for use in making informed decisions.
Table: Examples of the Impact of Financial Management Problems at DOD:
Business area affected: Cost accounting;
Problem identified and its impact: DOD’s inadequate systems and
processes for recording and reporting costs of the global war on
terrorism contributed to uncertainty regarding costs and proper use of
funds.
Business area affected: Military pay;
Problem identified and its impact: Pay problems rooted in the complex,
cumbersome processes used to pay Army soldiers have generated
overpayments. As a result, hundreds of separated battle-injured
soldiers experienced collection action on military debts incurred
through no fault of their own. Due to their lack of income, 16 of 19
case study soldiers reported that they had difficulty paying for basic
household expenses.
Business area affected: Accounting;
Problem identified and its impact: DOD had to write off tens of
billions of dollars in disbursement and collection transactions
resulting from decades of financial management and system weaknesses.
Until DOD can resolve these weaknesses and identify and charge
transactions to the proper appropriation accounts, its appropriation
accounts will remain unreliable and another costly write-off process
may be required.
Business area affected: Environmental liabilities;
Problem identified and its impact: None of the military services had
adequate controls in place to help ensure that all identified
contaminated sites were included in their environmental liability cost
estimates. These weaknesses affect the reliability of DOD and
governmentwide estimates, as well as ultimately the cost and timing of
cleanup activities.
Business area affected: Systems;
Problem identified and its impact: DOD still has not addressed the
underlying problems associated with weak systems requirements
management and testing in the Defense Travel System (DTS). Until DTS’s
requirements management practices are improved, DOD will not have
reasonable assurance that DTS can provide the intended functionality.
Source: GAO.
[End of Table]
Overhauling DOD’s business operations represents a daunting challenge.
In December 2005, DOD issued its Financial Improvement and Audit
Readiness (FIAR) Plan to provide DOD components with a road map for
achieving the following objectives: (1) resolving problems affecting
the accuracy, reliability, and timeliness of financial information; and
(2) obtaining clean financial statement audit opinions. The FIAR Plan,
which does not establish specific target dates for achieving clean
financial statement audit opinions within DOD, recognizes that it will
take several years before DOD is able to implement the systems,
processes, and other improvements needed to address its financial
management challenges. Ultimately, the FIAR Plan’s success will be
measured by its capability to achieve sustained improvements in DOD’s
ability to support decision making, analysis, oversight, and reporting.
What Remains to Be Done:
GAO has made numerous recommendations intended to improve DOD’s
financial management. DOD’s financial management reform effort should
include the following key elements: (1) a reform plan implemented as
part of a comprehensive, integrated business transformation plan; (2)
sustained leadership and resource control; (3) clear lines of
authority; (4) results-oriented performance measures; (5) appropriate
individual and organizational incentives and consequences; and (6) a
consistent and sustained emphasis on improving the department’s ability
to provide timely, reliable, and useful information for decision
making, oversight, and reporting.
Related Products: Department of Defense Financial Management:
Defense Travel System: Reported Savings Questionable and Implementation
Challenges Remain. GAO-06-980. Washington, D.C.: September 26, 2006.
Financial Management: Improvements Under Way but Serious Financial
Systems Problems Persist. GAO-06-970. Washington, D.C.: September 26,
2006.
Department of Defense: Sustained Leadership Is Critical to Effective
Financial and Business Management Transformation. GAO-06-1006T.
Washington, D.C.: August 3, 2006.
Defense Working Capital Fund: Military Services Did Not Calculate and
Report Carryover Amounts Correctly. GAO-06-530. Washington, D.C.: June
27, 2006.
Military Pay: Hundreds of Battle-Injured GWOT Soldiers Have Struggled
to Resolve Military Debts. GAO-06-494. Washington, D.C.: April 27,
2006.
Environmental Liabilities: Long-Term Fiscal Planning Hampered by
Control Weaknesses and Uncertainties in the Federal Government's
Estimates. GAO-06-427. Washington, D.C.: March 31, 2006.
Fiscal Year 2005 U.S. Government Financial Statements: Sustained
Improvement in Federal Financial Management Is Crucial to Addressing
Our Nation's Financial Condition and Long-Term Fiscal Imbalance. GAO-
06-406T. Washington, D.C.: March 1, 2006.
DOD Business Transformation: Defense Travel System Continues to Face
Implementation Challenges. GAO-06-18. Washington, D.C.: January 18,
2006.
Global War on Terrorism: DOD Needs to Improve the Reliability of Cost
Data and Provide Additional Guidance to Control Costs. GAO-05-882.
Washington, D.C.: September 21, 2005.
Army Corps of Engineers: Improved Planning and Financial Management
Should Replace Reliance on Reprogramming Actions to Manage Project
Funds. GAO-05-946. Washington, D.C.: September 16, 2005.
DOD Problem Disbursements: Long-standing Accounting Weaknesses Result
in Inaccurate Records and Substantial Write-offs. GAO-05-521.
Washington, D.C.: June 2, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Supply Chain
Management:
GAO Highlights:
For additional information about this high-risk area, contact William
M. Solis at (202) 512-8365 or solisw@gao.gov.
Why Area Is High Risk:
As a result of weaknesses in the Department of Defense’s (DOD)
management of supply inventories and responsiveness to warfighter
requirements, supply chain management has been on GAO’s high-risk list
since 1990. The availability of spare parts and other critical supply
items affects the readiness and operational capabilities of U.S.
military forces, and the supply chain can determine whether U.S.
military forces win or lose on the battlefield. The investment of
resources in the supply chain is substantial, amounting to more than
$150 billion in fiscal year 2005, according to DOD. GAO’s prior work
over the last several years has identified three focus areas that are
critical to resolving supply chain management problems: requirements
forecasting, asset visibility, and materiel distribution.
What GAO Found:
While DOD has taken a number of positive steps toward improving its
supply chain management, it has continued to experience weaknesses in
its ability to provide efficient and effective supply support.
Consequently, the department has been unable to consistently meet its
goal of delivering the “right items to the right place at the right
time” to support the deployment and sustainment of military forces. For
example, DOD experienced substantial delays in meeting warfighter
requirements for truck armor kits during Operation Iraqi Freedom (OIF),
placing troops at greater risk as they conducted wartime operations in
vehicles not equipped with the preferred level of protection. Since the
onset of OIF, systemic deficiencies contributing to supply shortages
have included inaccurate Army war reserve requirements, inaccurate
supply forecasts, insufficient and delayed funding, delayed
acquisition, and ineffective distribution. Although DOD has taken
actions to improve and streamline aspects of its supply chain, barriers
remain. For example, DOD’s ability to make coordinated, systemic
improvements that cut across the multiple organizations involved in the
materiel distribution system has been hindered by problems defining who
has accountability and authority for making such improvements.
Beginning in 2005, DOD developed a plan to address long-term systemic
weaknesses in supply chain management. The plan encompasses 10
initiatives, such as war reserve materiel improvements and the expanded
use of radio frequency identification, that address the three focus
areas GAO has identified. DOD leadership has demonstrated a commitment
to resolving supply chain management problems, and DOD is making
progress implementing initiatives in the plan. However, it will take
several years to fully implement these initiatives. Further, the
department faces challenges and risks in successfully implementing its
proposed changes across the department and measuring progress. For
example, DOD lacks outcome-focused performance measures for many of its
initiatives, making it difficult to track and demonstrate progress in
improving the three focus areas.
In a separate effort, DOD has been developing a “road map” for its
future logistics programs and initiatives. The road map is intended to
portray where the department is headed in the logistics area, how it
will get there, and what progress is being made toward achieving its
objectives. The road map also is intended to link ongoing capability
development, program reviews, and budgeting. Once completed, the road
map could potentially fill a long-term need for a comprehensive,
departmentwide logistics re-engineering strategy to guide
implementation of DOD, service, and defense agency supply chain
initiatives.
What Remains to Be Done:
To successfully resolve supply chain management problems, DOD needs to
sustain top leadership commitment and long-term institutional support
for the supply chain management improvement plan; obtain necessary
resource commitments from the military services, the Defense Logistics
Agency, and other organizations; make substantial progress in
implementing improvement initiatives across the department; and
establish a program to demonstrate progress and validate the
effectiveness of the initiatives. DOD also should ensure that its
logistics road map provides a comprehensive, integrated strategy for
guiding supply chain management improvement efforts.
Related Products: Department of Defense Supple Chain Management:
DOD's High-Risk Areas: Progress Made Implementing Supply Chain
Management Recommendations, but Full Extent of Improvement Unknown. GAO-
07-234. Washington, D.C.: January 17, 2007.
DOD's High-Risk Areas: Challenges Remain to Achieving and Demonstrating
Progress in Supply Chain Management. GAO-06-983T. Washington, D.C.:
July 25, 2006.
Defense Logistics: Lack of a Synchronized Approach between the Marine
Corps and Army Affected the Timely Production and Installation of
Marine Corps Truck Armor. GAO-06-274. Washington, D.C.: June 22, 2006.
Defense Management: Attention Is Needed to Improve Oversight of DLA
Prime Vendor Program. GAO-06-739R. Washington, D.C.: June 19, 2006.
Defense Inventory: Actions Needed to Improve Inventory Retention
Management. GAO-06-512. Washington, D.C.: May 25, 2006.
Defense Logistics: Several Factors Limited the Production and
Installation of Army Truck Armor during Current Wartime Operations. GAO-
06-160. Washington, D.C.: March 22, 2006.
DOD's High-Risk Areas: High-Level Commitment and Oversight Needed for
DOD Supply Chain Plan to Succeed. GAO-06-113T. Washington, D.C.:
October 6, 2005.
Defense Logistics: Better Strategic Planning Can Help Ensure DOD's
Successful Implementation of Passive Radio Frequency Identification.
GAO-05-345. Washington, D.C.: September 12, 2005.
Defense Logistics: DOD Has Begun to Improve Supply Distribution
Operations, but Further Actions Are Needed to Sustain These Efforts.
GAO-05-775. Washington, D.C.: August 11, 2005.
Defense Logistics: Actions Needed to Improve the Availability of
Critical Items during Current and Future Operations. GAO-05-275.
Washington, D.C.: April 8, 2005.
[End of section]
Highlights: High-Risk Series: Department of Defense Weapon Systems
Acquisition:
GAO Highlights:
For additional information about this high-risk area, contact Katherine
V. Schinasi (202) 512-4841 or schinasik@gao.gov.
Why Area Is High Risk:
Developing and acquiring high performance weapons is central to the
Department of Defense’s (DOD) ability to fight and win wars. DOD’s
investment in weapons is growing—from about $157 billion in fiscal year
2006 to an estimated $188 billion by fiscal year 2011—as it pushes to
transform itself to meet a broad range of complex threats. Weapon
systems routinely take much longer to field, cost more to buy, and
require more support than provided for in investment plans. When
acquisition programs require more resources than planned, the buying
power of the defense dollar is reduced because trade-offs among other
weapon programs or defense needs must be made. Consequently, GAO has
designated this as a high-risk area since 1990.
What GAO Found:
DOD is facing a cascading number of problems in managing its
acquisitions. Significant cost increases mean DOD can neither produce
as many weapons as intended nor be relied on to deliver weapons to the
warfighter when promised. DOD knows what to do to achieve more
successful outcomes but finds it difficult to apply the necessary
discipline and controls or assign much-needed accountability. DOD has
written into policy an approach that emphasizes attaining a certain
level of knowledge at critical junctures before managers agree to
invest more money in the next phase of weapon system development. This
knowledge-based approach results in evolutionary—that is incremental,
manageable, predictable—development and inserts several controls to
help managers gauge progress in meeting cost, schedule, and performance
goals.
But DOD has not been employing the knowledge-based approach, discipline
has been lacking, and business cases have not measured up. In
particular, the department accepts high levels of technology risk at
the start of major acquisition programs. Mature technologies are
pivotal to developing new products. Without mature technologies at the
outset, a program will almost certainly incur cost and schedule
problems. However, DOD’s acquisition community works with technologies
before they are ready and takes on responsibility for technology
development and product development concurrently. Our work has also
shown that DOD allows programs to begin without establishing a sound
business case in terms of requirements, technology, knowledge-based
acquisition strategy, time, cost and funding. And once programs begin,
requirements and funding change over time. In fact, program managers
consider requirements and funding instability—which occur throughout
the program—to be their biggest obstacles to success.
Program approvals in DOD have shown a decided lack of restraint. DOD’s
requirements process generates more demand for new programs than fiscal
resources can support. DOD compounds the problem by approving so many
highly complex and interdependent programs. Once too many programs are
approved, the budgeting process must broker trades to stay within
realistic funding levels. Because programs are funded annually and
departmentwide cross-portfolio priorities have not been established,
competition for funding continues over time, forcing programs to view
success as the ability to secure the next funding increment rather than
delivering capabilities when and as promised.
DOD has recognized these problems and plans to take a series of
corrective actions, some of which are mandated by law. It is focusing
on laying a better foundation for programs before they begin product
development. DOD has just begun piloting some of these actions, so the
proof of actual implementation may be years away. These initiatives
also may not necessarily be applied to programs already under way.
What Remains to Be Done:
DOD needs to take additional steps to achieve outcomes that justify its
investments. These steps include:
* developing and implementing an acquisition investment strategy,
* ensuring that individual programs are executable, and:
* clearly delineating responsibilities and holding people accountable.
While DOD has incorporated into policy a framework that supports a
knowledge-based acquisition process similar to that used by leading
organizations, it must establish stronger controls to ensure that
decisions on individual programs are informed by demonstrated knowledge.
Related products: Department of Defense Weapon System Acquisition:
Defense Acquisitions: Actions Needed to Get Better Results on Weapon
Systems Investments. GAO-06-585T. Washington, D.C.: April 5, 2006.
Best Practices:
Best Practices: Stronger Practices Needed to Improve DOD Technology
Transition Processes. GAO-06-883. Washington, D.C.: September 14, 2006.
Defense Acquisitions: Major Weapon Systems Continue to Experience Cost
and Schedule Problems under DOD's Revised Policy. GAO-06-368.
Washington, D.C.: April 13, 2006.
Space Acquisitions: Improvements Needed in Space Systems Acquisitions
and Keys to Achieving Them. GAO-06-626T. Washington, D.C.: April 6,
2006.
Defense Acquisitions: Assessments of Selected Major Weapon Programs.
GAO-06-391. Washington, D.C.: March 31, 2006.
Best Practices: Better Support of Weapon System Program Managers Needed
to Improve Outcomes. GAO-06-110. Washington, D.C.: November 30, 2005.
Weapon System Reviews:
Defense Acquisitions: Restructured JTRS Program Reduces Risk, but
Significant Challenges Remain. GAO-06-955. Washington, D.C.: September
11, 2006.
Tactical Aircraft: Questions Concerning the F-22A's Business Case. GAO-
06-991T. Washington, D.C.: July 25, 2006.
Space Acquisitions: DOD Needs Additional Knowledge as It Embarks on a
New Approach for Transformational Satellite Communications System. GAO-
06-537. Washington, D.C.: May 24, 2006.
Electronic Warfare: Option of Upgrading Additional EA-6Bs Could Reduce
Risk in Development of EA-18G. GAO-06-446. Washington, D.C.: April 26,
2006.
Joint Strike Fighter: DOD Plans to Enter Production before Testing
Demonstrates Acceptable Performance. GAO-06-356. Washington, D.C.:
March 15, 2006.
Defense Acquisitions: Missile Defense Agency Fields Initial Capability
but Falls Short of Original Goals. GAO-06-327. Washington, D.C.: March
15, 2006.
Defense Acquisitions: Improved Business Case Is Needed for Future
Combat System's Successful Outcome. GAO-06-367. Washington, D.C.: March
14, 2006.
[End of section]
Highlights: High-Risk Series: Federal Aviation Administration Air
Traffic Control Modernization:
GAO Highlights:
For additional information about this high-risk area, contact David A.
Powner at (202) 512-9286 or pownerd@gao.gov, or Gerald L. Dillingham,
Ph.D., at (202) 512-2834 or dillinghamg@gao.gov.
Why Area Is High Risk:
Over the last two decades, the Federal Aviation Administration (FAA)
has been conducting a major modernization of its air traffic control
systems and facilities. FAA has implemented many systems and
improvements to date, and it is currently pursuing efforts on 45
projects and planning to transition to a next-generation air
transportation system. Key efforts include projects to augment the
Global Positioning System to aid in approaches and landings, to improve
radar systems for terminal environments, and to provide new color
displays and data processing to air traffic controllers. GAO initially
designated FAA’s modernization program as high risk in 1995, and while
progress has been made, it remains high risk today.
What GAO Found:
Faced with growing air traffic and aging equipment, in 1981 FAA
initiated an ambitious effort to modernize its air traffic control
system. This modernization includes the acquisition of new systems and
facilities and has now been extended to plan for a next-generation air
transportation system. Over the years, projects within this
modernization program have experienced cost overruns, schedule delays,
and performance shortfalls. GAO has reported on the root causes of
these problems, including (1) immature capabilities for acquiring
systems, (2) lack of an institutionalized architecture, (3) inadequate
cost estimating and accounting practices, (4) an incomplete investment
management process, and (5) an organizational culture that impairs
modernization efforts.
FAA has made important progress in addressing these weaknesses, but
more remains to be done in each of these areas. For example, FAA has:
* established a framework for improving system management capabilities
and addressed weaknesses GAO identified on four major air traffic
control systems, but has not yet institutionalized these improved
capabilities;
* continued to develop an enterprise architecture—a blueprint of the
agency’s current and target operations and infrastructure—and has
included initial requirements for the next-generation air
transportation system, but further refinements are expected;
* implemented key components of a cost accounting system;
* established a cost estimating methodology, but has yet to implement
it;
* implemented basic investment management capabilities, but has not yet
integrated these practices across the agency;
* sought to establish an organizational culture that supports sound
acquisitions, but still faces many human capital challenges, including
obtaining the technical and contract management expertise needed to
define, implement, and integrate numerous complex programs and
systems.
Until the agency fully addresses these residual issues, it will
continue to risk the project management problems affecting cost,
schedule, and performance that have plagued its ability to acquire
systems for improving air traffic control.
Figure: Image of Air Plane and Air Traffic Control:
[See PDF for Image]
Sources: GAO and PhotoDisc(images).
[End of Figure]
What Remains to Be Done:
GAO has made over 45 specific
recommendations to address
root causes of FAA’s modernization problems. The agency has made
progress on these recommendations, but more must be done to
institutionalize system management improvements, develop and enforce an
enterprise architecture, implement effective cost estimation practices
and investment management processes, and improve human capital
management.
With FAA expecting to spend about $9.4 billion through fiscal year 2011
to upgrade and replace air traffic control systems, these actions are
as critical as ever.
Related Products: Federal Aviation Administration Air Traffic Control
Modernization:
Next Generation Air Transportation System: Progress and Challenges
Associated with the Transformation of the National Airspace System. GAO-
07-25. Washington, D.C.: November 13, 2006.
National Airspace System Modernization: Observations on Potential
Funding Options for FAA and the Next Generation Airspace System. GAO-
06-1114T. Washington, D.C.: September 27, 2006.
Next Generation Air Transportation System: Preliminary Analysis of
Progress and Challenges Associated with the Transformation of the
National Airspace System. GAO-06-915T. Washington, D.C.: July 25, 2006.
Air Traffic Control Modernization: Status of the Current Program and
Planning for the Next Generation Air Transportation System. GAO-06-
653T. Washington, D.C.: June 21, 2006.
Air Traffic Control: Status of the Current Modernization Program and
Planning for the Next Generation System. GAO-06-738T. Washington, D.C.:
May 4, 2006.
Next Generation Air Transportation System: Preliminary Analysis of the
Joint Planning and Development Office's Planning, Progress, and
Challenges. GAO-06-574T. Washington, D.C.: March 29, 2006.
National Airspace System: Transformation Will Require Cultural Change,
Balanced Funding Priorities, and Use of All Available Management Tools.
GAO-06-154. Washington, D.C.: October 14, 2005.
Air Traffic Operations: The Federal Aviation Administration Needs to
Address Major Air Traffic Operating Cost Control Changes. GAO-05-724.
Washington, D.C.: June 23, 2005.
National Airspace System: FAA Has Made Progress but Continues to Face
Challenges in Acquiring Major Air Traffic Control Systems. GAO-05-331.
Washington, D.C.: June 10, 2005.
Federal Aviation Administration: Stronger Architecture Program Needed
to Guide Systems Modernization Efforts. GAO-05-266. Washington, D.C.:
April 29, 2005.
[End of section]
Highlights: High-Risk Series: Financing the Nation's Transportation
System:
GAO Highlights:
For additional information about this high-risk area, contact Patricia
Dalton at (202) 512-2834 or daltonp@gao.gov.
Why Area Is High Risk:
The nation’s economic vitality and its citizens’ quality of life depend
significantly on the efficiency of its transportation infrastructure.
Increasingly, however, congestion is threatening the efficiency of this
infrastructure, and the federal government faces the dual challenge of
providing funds to help maintain and expand the nation’s transportation
system and of ensuring that these funds are used efficiently.
Compounding this challenge are increasing costs of security
enhancements and growing federal funding constraints and policies that
limit the use of federal funds to finance improvements in mobility.
What GAO Found:
Highway and transit financing. Revenues to support the Highway Trust
Fund—the major source of federal highway and transit funding—are
eroding. Receipts for the fund, which are derived from motor fuel and
truck-related taxes, are continuing to grow but are declining in
purchasing power because the federal motor fuel tax rate has not been
increased since 1993. Furthermore, as vehicles become more fuel
efficient and increasingly run on alternative fuels, fuel taxes may not
be a sustainable source of transportation financing in the future.
Funding authorized in the recently enacted highway and transit program
legislation is expected to outstrip the growth in trust fund receipts,
leading to a forecasted decline in the trust fund balance and a
negative balance by the end of fiscal year 2011. In the face of these
constraints, state and local governments are pursuing alternative
financing mechanisms, including tolling projects.
Intercity passenger and freight rail financing. The intercity
passenger rail system is in poor financial condition, and the federal
subsidies provided for it are not targeted to the greatest public
benefits, such as transportation congestion relief. GAO has
recommended funding mechanisms that include cost sharing between the
federal government and other beneficiaries. The freight railroad
industry is projected to grow substantially, but the industry’s ability
to finance the capacity needed to meet this projected growth is
uncertain. Increasingly, the expected public benefits of rail
projects, such as reductions in highway congestion and improved
intermodal connections, have led the federal and state governments to
invest public funds in freight rail projects. Decision makers face
additional decisions in the years ahead and will be challenged to make
investment decisions that reflect public priorities and achieve
demonstrable, wide-ranging public benefits.
Aviation financing. Federal aviation programs are also facing growing
infrastructure demands and constrained resources. To meet projected
increases in commercial aviation travel, the Federal Aviation
Administration (FAA) and aviation stakeholders are developing a “next
generation air transportation system” to modernize the nation’s air
traffic control (ATC) infrastructure and increase capacity. This
effort is complex and costly: Under one limited, preliminary estimate,
FAA’s budget would, on average, exceed FAA’s fiscal year 2006
appropriation level by about $1 billion a year (in today’s dollars)
through 2025. FAA and others have questioned whether the current
funding system—the Aviation Trust Fund—can generate revenues to meet
these budgetary needs. While FAA’s workload and costs are expected to
rise, in part because of increased use of smaller aircraft, FAA’s
revenues may not keep pace because of projected declines in inflation-
adjusted airfares. While FAA has made some important management
improvements with cost control problems associated with ATC
modernization, some questions remain about FAA’s ability to manage the
transition to the next generation system cost-effectively.
What Remains to Be Done:
In light of the growing demand for funds to maintain and expand the
nation’s transportation system and the increasing constraints on
federal discretionary spending, GAO recommends a reassessment, for all
transportation modes, of (1) the federal role and strategy in funding,
selecting, and evaluating transportation investments; (2) mechanisms to
seek alternative revenue sources and, where appropriate, to increase
revenues for infrastructure improvements, including user fees and
alternatives to stimulate private investment, while considering their
impact on the federal budget; and (3) methods of allocating funds to
ensure the equity, efficiency, accountability, and performance of
transportation investments.
Related Products: Financing the Nation's Transportation System:
Intercity Passenger Rail: National Policy and Strategies Needed to
Maximize Public Benefits from Federal Expenditures. GAO-07-15.
Washington, D.C.: November 13, 2006.
[End of section]
Freight Railroads: Industry Health Has Improved, but Concerns about
Competition and Capacity Should be Addressed. GAO-07-94. Washington,
D.C.: October 6, 2006.
Aviation Finance: Observations on Potential FAA Funding Options. GAO-
06-973. Washington, D.C.: September 29, 2006.
National Airspace System Modernization: Observations on Potential
Funding Options for FAA and the Next Generation Airspace System. GAO-
06-1114T. Washington, D.C.: September 27, 2006.
Highway Finance: States' Expanding Use of Tolling Illustrates Diverse
Challenges and Strategies. GAO-06-554. Washington, D.C.: June 28, 2006.
Highway Trust Fund: Overview of Highway Trust Fund Estimates. GAO-06-
572T. Washington, D.C.: April 4, 2006.
Freight Transportation: Short Sea Shipping Option Shows Importance of
Systematic Approach to Public Investment Decisions. GAO-05-768.
Washington, D.C.: July 29, 2005.
Highlights of an Expert Panel: The Benefits and Costs of Highway and
Transit Investments. GAO-05-423SP. Washington, D.C.: May 6, 2005.
Highway And Transit Investments: Options for Improving Information on
Projects' Benefits and Costs and Increasing Accountability for Results.
GAO-05-172. Washington, D.C.: January 24, 2005.
Federal-Aid Highways: Trends, Effect on State Spending, and Options for
Future Program Design. GAO-04-802. Washington, D.C.: August 31, 2004.
Surface Transportation: Many Factors Affect Investment Decisions. GAO-
04-744. Washington, D.C.: June 30, 2004.
[End of section]
Highlights: High-Risk Series: Ensuring the Effective Protection of
Technologies Critical to U.S. National Security Interests:
GAO Highlights:
For additional information about this high-risk area, contact Ann
Calvaresi-Barr at (202) 512-4841 or calvaresibarra@gao.gov.
Why Area Is High Risk:
To maintain technological superiority on the battlefield, the
Department of Defense annually spends billions of dollars to develop
and produce advanced weaponry. At the same time, these weapons and
militarily useful technologies are sold overseas by the U.S. government
and companies for foreign policy, security, and economic reasons.
However, these technologies are targets for theft, espionage, reverse
engineering, and illegal export.
The U.S. government has a myriad of programs intended to identify and
protect critical technologies so they can be transferred to foreign
parties consistent with varying U.S. interests. Yet these
programs—established decades ago—are ill-equipped to weigh competing
U.S. interests in the current security environment and as technological
innovation evolves in the 21st century. Accordingly, GAO is designating
the effective identification and protection of critical technologies as
a governmentwide high-risk area.
What GAO Found:
Over the years, GAO has identified weaknesses in the effectiveness and
efficiency of government programs designed to protect critical
technologies while advancing U.S. interests. These programs include
those that regulate U.S. defense-related exports, investigate proposed
foreign acquisitions of U.S. national security-related companies, and
oversee contractors under foreign influence that work with classified
information. Multiple agencies are responsible for administering these
programs, including the Departments of Commerce, Defense, State, and
Treasury. While each program has its own set of challenges, GAO found
that these weaknesses are largely attributable to poor coordination
within complex interagency processes, inefficiencies in program
operations, and a lack of evaluations for regularly assessing program
effectiveness and identifying corrective actions. The impacts of these
weaknesses are not always visible or immediate but increase the risk of
military gains by entities with interests contrary to those of the
United States and of financial harm to U.S. companies.
Several of the programs designed to protect critical technologies are
inherently complex. However, poor coordination and fundamental
disagreements among the departments have had unintended consequences
for both national security and economic interests. For instance, the
departments that investigate proposed foreign acquisitions currently
lack a coordinated approach for defining what constitutes a threat to
national security and what warrants an investigation to ensure that the
risk of foreign ownership is mitigated. Also, while the government
officials responsible for protecting critical technologies may
appropriately take time to make decisions as they consider the multiple
interests involved, inefficiencies in the various programs have created
unnecessary delays in sharing critical technologies with allies. In
addition, the departments charged with protecting critical technologies
have not systematically evaluated their respective programs to
determine whether they are fulfilling their missions in a changing
environment and whether corrective actions are needed. For example,
following the 2001 terror attacks, Commerce and State did not
systematically assess the effectiveness of their respective export
control programs and, therefore, were not in a position to identify and
implement corrective measures.
While GAO has recommended numerous corrective actions to address these
weaknesses and inefficiencies, the departments involved have not
implemented many of the recommendations that address the most
fundamental problems affecting the protection of critical technologies,
such as clearly determining which department controls the export of
certain defense technologies. Legislation has been introduced to reform
aspects of these programs. However, to date legislation has not been
enacted to overhaul the programs and executive action has not resulted
in fundamental changes to these programs as global forces continue to
reshape U.S. national security and economic interests.
What Remains to Be Done:
To improve existing technology protection programs, agencies need to
implement the many GAO recommendations that remain unaddressed. In
addition, further action is needed. The legislative and executive
branches should strategically examine existing programs, evaluate
alternative approaches, and develop a comprehensive framework with
clear responsibilities and accountability for identifying and
protecting critical technologies.
Related Products: Ensuring the Effective Protection of the Technologies
Critical to U.S. National Security Interests:
Export Controls: Challenges Exist in Enforcement of an Inherently
Complex System. GAO-07-265. Washington, D.C.: December 20, 2006.
Defense Technologies: DOD's Critical Technologies Lists Rarely Inform
Export Control and Other Policy Decisions. GAO-06-793. Washington,
D.C.: July 28, 2006.
DOD Excess Property: Control Breakdowns Present Significant Security
Risk and Continuing Waste and Inefficiency. GAO-06-943. Washington,
D.C.: July 25, 2006.
President's Justification of the High Performance Computer Control
Threshold Does Not Fully Address National Defense Authorization Act of
1998 Requirements. GAO-06-754R. Washington, D.C.: June 30, 2006.
Export Controls: Improvements to Commerce's Dual-Use System Needed to
Ensure Protection of U.S. Interests in the Post-9/11 Environment. GAO-
06-638. Washington, D.C.: June 26, 2006.
Defense Trade: Enhancements to the Implementation of Exon-Florio Could
Strengthen the Law's Effectiveness. GAO-05-686. Washington, D.C.:
September 28, 2005.
Industrial Security: DOD Cannot Ensure Its Oversight of Contractors
under Foreign Influence Is Sufficient. GAO-05-681. Washington, D.C.:
July 15, 2005.
Defense Trade: Arms Export Control Vulnerabilities and Inefficiencies
in the Post-9/11 Security Environment. GAO-05-468R. Washington, D.C.:
April 7, 2005.
Defense Trade: Arms Export Control System in the Post-9/11 Environment.
GAO-05-234. Washington, D.C.: February 16, 2005.
Defense Acquisitions: DOD Needs to Better Support Program Managers'
Implementation of Anti-Tamper Protection. GAO-04-302. Washington, D.C.:
March 31, 2004.
Defense Trade: Better Information Needed to Support Decisions Affecting
Proposed Weapons Transfers. GAO-03-694. Washington, D.C.: July 11,
2003.
Export Controls: Clarification of Jurisdiction for Missile Technology
Items Needed. GAO-02-120. Washington, D.C.: October 9, 2001.
[End of section]
Highlights: High-Risk Series: Transforming Federal Oversight of Food
Safety:
GAO Highlights:
For additional information about this high-risk area, contact Lisa
Shames at (202) 512-3841 or shamesl@gao.gov.
Why Area Is High Risk:
Each year, about 76 million people contract a foodborne illness in the
U.S.; about 325,000 require hospitalization; and about 5,000 die. In
addition, agriculture, as the largest industry and employer in the
United States, generates more than $1 trillion in economic activity
annually. The value of U.S. agricultural exports exceeded $68 billion
in fiscal year 2006.
What GAO Found:
This nation enjoys a plentiful and varied food supply that is generally
considered to be safe. However, the patchwork nature of the federal
oversight of food safety calls into question whether the government can
plan more strategically to inspect food production processes, identify
and react more quickly to any outbreaks of contaminated food, and focus
on achieving results to promote the safety and the integrity of the
nation’s food supply. This challenge is even more urgent since the
terrorist attacks of September 11, 2001, heightened awareness of
agriculture’s vulnerabilities to terrorism.
A 21st century challenge is to integrate the fragmented federal food
safety system in which 15 agencies collectively administer at least 30
laws related to food safety. The two primary agencies are the U.S.
Department of Agriculture (USDA), which is responsible for the safety
of meat, poultry, and processed egg products, and the Food and Drug
Administration (FDA), which is responsible for virtually all other
foods. The Department of Homeland Security (DHS) is responsible for
coordinating agencies’ food security activities.
During the past 30 years, GAO has reported that the system has caused
inconsistent oversight, ineffective coordination, and inefficient use
of resources. GAO’s most recent work demonstrates that these challenges
persist. Specifically:
* Existing statutes give agencies different regulatory and enforcement
authorities. Food products under FDA’s jurisdiction may be marketed
without prior approval while under USDA’s jurisdiction they must
generally be inspected and approved as meeting federal standards before
being sold to the public. USDA inspectors examine each slaughtered
carcass and visit each facility at least once during each operating
day. For foods under FDA’s jurisdiction, however, federal law does not
mandate the frequency of inspections.
* Food recalls are voluntary. However, USDA and FDA do not know how
promptly and completely companies are carrying out recalls, do not
promptly verify that recalls have reached all segments of the
distribution chain, and use procedures to alert consumers to a recall
that may not be effective.
* Agencies have taken steps to better manage the risks of
agroterrorism, including the development of national plans and the
adoption of standard protocols. However, there are weaknesses regarding
the flow of critical information among key stakeholders and
shortcomings in DHS’s coordination of federal working groups and
research efforts.
Transformation of the federal oversight framework for food safety is
needed to reduce the risks to public health and as well as the economy.
What Remains to Be Done:
While many of the recommendations GAO made have been acted upon, a
fundamental re-examination of the federal food safety system is
warranted. GAO has recommended comprehensive, uniform, and risk-based
food safety legislation, a detailed analysis of alternative
organizational food safety structures, and a reconvened Council on Food
Safety to facilitate interagency coordination on food safety regulation
and programs.
Going forward, to build a sustained focus on the safety and integrity
of the nation’s food supply, developing a governmentwide performance
plan that is mission based, has a results orientation, and provides a
cross-agency perspective offers a framework to help ensure agencies’
goals are complementary and mutually reinforcing.
Related Products: Transforming Federal Oversight of Food Safety:
Homeland Security: Management and Coordination Problems Increase the
Vulnerability of U.S. Agriculture to Foreign Pests and Disease. GAO-06-
644. Washington, D.C.: May 19, 2006.
Oversight of Food Safety Activities: Federal Agencies Should Pursue
Opportunities to Reduce Overlap and Better Leverage Resources. GAO-05-
213. Washington, D.C.: March 30, 2005.
Food Safety: Experiences of Seven Countries in Consolidating Their Food
Safety Systems. GAO-05-212. Washington, D.C.: February 22, 2005.
Food Safety: USDA and FDA Need to Better Ensure Prompt and Complete
Recalls of Potentially Unsafe Food. GAO-05-51. Washington, D.C.:
October 6, 2004.
Antibiotic Resistance: Federal Agencies Need to Better Focus Efforts to
Address Risk to Humans from Antibiotic Use in Animals. GAO-04-490.
Washington, D.C.: April 22, 2004.
School Meal Program: Few Instances of Foodborne Outbreaks Reported, but
Opportunities Exist to Enhance Outbreak Data and Food Safety Practices.
GAO-03-530. Washington, D.C.: May 9, 2003.
Food-Processing Security: Voluntary Efforts Are Under Way, but Federal
Agencies Cannot Fully Assess Their Implementation. GAO-03-342.
Washington, D.C.: February 14, 2003.
Meat and Poultry: Better USDA Oversight and Enforcement of Safety Rules
Needed to Reduce Risk of Foodborne Illnesses. GAO-02-902. Washington,
D.C.: August 30, 2002.
Genetically Modified Foods: Experts View Regimen of Safety Tests as
Adequate, but FDA's Evaluation Process Could Be Enhanced. GAO-02-566.
Washington, D.C.: May 23, 2002.
Food Safety: Improvements Needed in Overseeing the Safety of Dietary
Supplements and "Functional Foods." GAO/RCED-00-156. Washington, D.C.:
July 11, 2000.
[End of section]
Highlights: High-Risk Series: Department of Defense Contract
Management:
GAO Highlights:
For additional information about this high-risk area, contact Katherine
V. Schinasi at (202) 512-4841 or schinasik@gao.gov.
Why Area Is High Risk:
The Department of Defense (DOD) obligated nearly $270 billion in fiscal
year 2005 to equip and support the military forces, but is not able to
assure it is using sound business practices to acquire the goods and
services needed to meet the warfighter’s needs. For example, DOD is
increasingly relying on contractor-provided services but has not fully
implemented a strategic approach to buying services. Additionally, DOD
has not always made sound use of various techniques to acquire goods
and services. Further, DOD has not had a comprehensive plan to ensure
its workforce has the right skills and capabilities. GAO designated DOD
contract management as a high-risk area in 1992.
What GAO Found:
DOD continues to experience poor acquisition outcomes and missed
opportunities to improve its approach to buying goods and services. For
example, in November 2006, GAO reported that DOD’s management approach
lacked the necessary strategic vision and sustained commitment to
address service acquisition risks and foster better outcomes. In this
regard, DOD had not developed a strategy to gauge whether ongoing and
planned initiatives would achieve intended results. At the
transactional level, DOD focused primarily on awarding contracts, with
less attention paid to formulating acquisition requirements or
assessing service delivery. Further, the results of individual
acquisitions were generally not used to inform strategic decision
making. Overall, GAO found that DOD was ill-positioned to determine
whether investments in services were achieving desired outcomes.
GAO identified weaknesses across a broad spectrum of contractual
business arrangements. For example, GAO found that DOD frequently
initiated work on Iraq reconstruction efforts before requirements were
defined or understood, resulting in increased costs, schedule delays,
and reduced scopes of work. When requirements were not clear, DOD often
entered into arrangements that allowed contractors to begin work, but
imposed additional risks on DOD. For example, DOD contracting officials
were less likely to remove costs questioned by auditors from a
contractor’s proposal when the contractor had already incurred the
costs. In five audits that questioned about $600 million in costs,
contracting officials determined that the contractor should be paid for
all but $38 million. DOD did not always take advantage of the benefits
of competition. For example, DOD awarded contracts for guard services
on an authorized sole-source basis despite recognizing it was paying
about 25 percent more than it had under previously competed contracts.
Another element of a sound business arrangement is the use of award and
incentive fees to encourage improved contractor performance. GAO found
that DOD often used criteria that were not directly related to
outcomes, generally paid a significant portion of the available fee
regardless of outcomes, and provided contractors opportunities to earn
unearned or deferred fees. GAO estimated that DOD paid out an estimated
$8 billion in award fees on contracts in the study population,
regardless of whether outcomes fell short of DOD’s expectations, were
satisfactory, or exceeded expectations.
Providing effective oversight is essential to ensure DOD does not pay
more than the value of the goods delivered or services performed. At
times, DOD’s oversight was wanting, as it did not always task personnel
with oversight duties or establish clear lines of accountability,
especially on interagency contracts. Conducting oversight and meeting
other challenges, however, require a capable workforce. In June 2006,
DOD released a strategic plan for its acquisition workforce that
specifies the steps it plans to take over the next 2 years to identify
the skills and competencies needed for the future.
What Remains to Be Done:
To improve outcomes, DOD needs to:
* take action at the strategic and transactional level to improve its
acquisition of services;
* definitize contracts in a timely fashion, reassess its acquisition
strategies to provide for competition, and revise its award fee
guidance; and:
* improve its oversight procedures.
DOD generally concurred with GAO’s recommendations and is taking action
to implement them. Improving outcomes will require DOD leadership to
set the appropriate tone at the top and ensure its personnel adhere to
sound contracting practices.
Related Products: Department of Defense Contract Management:
Defense Acquisitions: Tailored Approach Needed to Improve Service
Acquisition Outcomes. GAO-07-20. Washington, D.C.: November 9, 2006.
DOD Contracting: Efforts Needed to Address Commercial Air Force
Acquisition Risk. GAO-06-995. Washington, D.C.: September 29, 2006.
Rebuilding Iraq: Continued Progress Requires Overcoming Contract
Management Challenges. GAO-06-1130T. Washington, D.C.: September 28,
2006.
Iraq Contract Costs: DOD Consideration of Defense Contract Audit
Agency's Findings. GAO-06-1132. Washington, D.C.: September 25, 2006.
Contract Management: Service Contract Approach to Aircraft Simulator
Training Has Room for Improvement. GAO-06-830. Washington, D.C.:
September 22, 2006.
DOD Acquisitions: Contracting for Better Outcomes. GAO-06-800T.
Washington, D.C.: September 7, 2006.
Contract Management: DOD Vulnerabilities to Contracting Fraud, Waste,
and Abuse. GAO-06-838R. Washington, D.C.: July 7, 2006.
Defense Management: Attention Is Needed to Improve Oversight of DLA
Prime Vendor Program. GAO-06-739R. Washington, D.C.: June 19, 2006.
Hurricane Katrina: Army Corps of Engineers Contract for Mississippi
Classrooms. GAO-06-454. Washington, D.C.: May 1, 2006.
Contract Security Guards: Army's Guard Program Requires Greater
Oversight and Reassessment of Acquisition Approach. GAO-06-284.
Washington, D.C.: April 3, 2006.
Defense Acquisitions: DOD Has Paid Billions in Award and Incentive Fees
Regardless of Acquisition Outcomes. GAO-06-66. Washington, D.C.:
December 19, 2005.
Contract Management: Opportunities to Improve Surveillance on
Department of Defense Service Contracts. GAO-05-274. Washington, D.C.:
March 17, 2005.
[End of section]
Highlights: High-Risk series: Department of Energy Contract Management:
GAO Highlights:
For additional information about this high-risk area, contact Robert A.
Robinson at (202) 512-3841 or robinsonr@gao.gov.
Why Area Is High Risk:
The Department of Energy (DOE)—the largest contracting agency in the
federal government after the Department of Defense—relies primarily on
contractors to carry out its diverse missions and operate its
laboratories and other facilities. About 90 percent of DOE’s budget,
or about $22 billion annually, is spent on contracts. In 1990, GAO
designated DOE contract management as a high-risk area because of DOE’s
record of both inadequate management and oversight of contractors and
failure to hold contractors accountable.
What GAO Found:
DOE’s contract management, including both contract administration and
project management, continues to be at high risk for fraud, waste,
abuse, and mismanagement. In January 2005, GAO reported that the
department was making efforts to strengthen contracting guidance and
improve performance accountability for contractors and DOE project
managers but that performance problems continued on DOE’s major
projects. These conditions have not substantially changed.
Over the last 2 years, however, DOE has continued efforts to address
its contract and project management problems. For example, the Office
of Environmental Management, which is responsible for overseeing the
department’s annual $7 billion in environmental cleanup work, is in the
process of integrating contract and project management under a new
deputy assistant secretary for acquisition and project management. The
new position is aimed at improving efficiency and oversight of
contracting and project management. Also, in a departmentwide effort to
improve project oversight, DOE recently announced it had certified all
of its federal project directors as having completed rigorous
competency and training requirements. In addition, DOE began taking
steps to assess the accuracy of the cost and schedule data used to
oversee contractor performance in implementing projects. Finally, in
response to an Office of Management and Budget request to federal
agencies with activities on GAO’s high-risk list, DOE developed an
action plan to strengthen the department’s management of contracts and
projects. The plan includes an implementation schedule and performance
measures for assessing its effectiveness.
While DOE is continuing its improvement efforts, GAO found that
performance problems still regularly occur on DOE’s major projects.
For example, DOE continued to experience significant cost and schedule
growth in constructing facilities to stabilize and treat 55 million
gallons of radioactive waste in Hanford, Washington. Since the
contract was awarded in 2000, the estimated project costs have
increased from $4.3 billion to over $12 billion, and the completion
date for constructing the facilities has been extended 8 years to
2019. This resulted, in large part, from DOE’s continued reliance on a
practice of concurrently designing and constructing one-of-a-kind
facilities, as well as poor contractor performance and inadequate
oversight by the department. In general, GAO found that DOE did not
ensure, prior to awarding its contracts for major projects, that the
contracts included effective performance incentives for contractors to
control project costs and schedule. Additionally, in developing its
action plan to strengthen contract and project management, the
department did not conduct a root-cause analysis to fully understand
the causes of its contract and project management problems.
What Remains to Be Done:
To further strengthen DOE’s contract and project management so that it
can demonstrate improved results from its contractors, GAO made a
series of recommendations that collectively call for DOE to improve its
measures for assessing both contractor performance and the department’s
progress toward addressing weaknesses in contract and project
management, to improve its oversight of contractors, and to strengthen
accountability for performance. DOE generally agreed with the
recommendations. In some cases, DOE asserted that its ongoing efforts
already addressed the recommendations; however, GAO concluded that
further improvements were needed.
Related Products: Department of Energy Contract Management:
Nuclear Cleanup of Rocky Flats: DOE Can Use Lessons Learned to Improve
Oversight of Other Sites' Cleanup Activities. GAO-06-352. Washington,
D.C.: July 10, 2006.
DOE Contracting: Better Performance Measures and Management Needed to
Address Delays in Awarding Contracts. GAO-06-722. Washington, D.C.:
June 30, 2006.
DOE Contracting: Improved Program Management Could Help Achieve Small
Business Goal. GAO-06-501. Washington, D.C.: April 7, 2006.
Hanford Waste Treatment Plant: Contractor and DOE Management Problems
Have Led to Higher Costs, Construction Delays, and Safety Concerns. GAO-
06-602T. Washington, D.C.: April 6, 2006.
Yucca Mountain: Quality Assurance at DOE's Planned Nuclear Waste
Repository Needs Increased Management Attention. GAO-06-313.
Washington, D.C.: March 17, 2006.
Stand-Down of Los Alamos National Laboratory: Total Costs Uncertain;
Almost All Mission-Critical Programs Were Affected but Have Recovered.
GAO-06-83. Washington, D.C.: November 18, 2005.
Department of Energy: Improved Guidance, Oversight, and Planning Are
Needed to Better Identify Cost-Saving Alternatives for Managing Low-
Level Radioactive Waste. GAO-06-94. Washington, D.C.: October 31, 2005.
Department of Energy: Additional Opportunities Exist for Reducing
Laboratory Contractors' Support Costs. GAO-05-897. Washington, D.C.:
September 9, 2005.
Department of Energy: Improved Oversight Could Better Ensure
Opportunities for Small Business Subcontracting. GAO-05-459.
Washington, D.C.: May 13, 2005.
Department of Energy: Further Actions Are Needed to Strengthen Contract
Management for Major Projects. GAO-05-123. Washington, D.C.: March 18,
2005.
[End of section]
Highlights: High-Risk Series: National Aeronautics and Space
Administration Contract Management:
GAO Highlights:
For additional information about this high-risk area, contact Allen Li
at (202) 512-4841or lia@gao.gov.
Why Area Is High Risk:
NASA’s success largely depends on the work of its contractors—on which
NASA spends about 85 percent of its annual budget. In 1990, GAO
designated NASA’s contract management as high risk. This area has been
designated as high risk principally because NASA has lacked a modern
financial management system to provide accurate and reliable
information on contract spending and placed little emphasis on product
performance, cost controls, and program outcomes. These weaknesses pose
significant challenges to NASA’s ability to implement corrective
actions and make informed investment decisions. Due to the considerable
challenges NASA continues to face in implementing effective systems and
processes, contract management remains high risk.
What GAO Found:
We reported in 2003 that NASA’s integrated financial management program
did not address many of its most significant management challenges,
including producing credible cost estimates and providing the
information needed to monitor contractor performance. Since then, NASA
has made some progress towards implementing its system. For example,
the agency has instituted a corrective action plan focused on the
recommendations we made in conjunction with our 2005 review, to include
(1) releasing an updated version of its architecture and information
technology investment sequencing plan; (2) initiating reviews of
proposed and existing investments to determine alignment with the
architecture; (3) implementing a requirements management process that
complies with applicable standards and NASA requirements, including
validation processes that capture necessary metrics that allow
officials to evaluate the effectiveness of processes; and (4)
implementing life-cycle cost estimates for the program.
As we reported in 2006, the key for federal agencies, including NASA,
to avoid the long-standing problems that have plagued financial
management system improvement efforts is to (1) develop a concept of
operations; (2) define standard business processes, which may include
reengineering existing processes; and (3) effectively implement the
disciplined processes necessary to manage the project. Although NASA
has made progress toward implementing disciplined project management
processes, limited progress has been made in other areas, including
reengineering NASA’s contractor cost reporting process. As a result,
the system still does not provide cost information that program
managers and cost estimators need to develop credible estimates and
compare budgeted and actual cost with the work performed on the
contract. In addition to establishing an integrated financial
management system, much work remains to ensure effective program
management and contractor oversight. As GAO previously reported, NASA
often does not obtain from its contractors the financial data and
performance information needed to assess progress on its contracts. In
addition, NASA does not yet have the full complement of analytical
tools and staff trained needed to perform cost analyses, including
earned value management. Until NASA has the data, tools, and analytical
skills needed to alert program managers of potential cost overruns and
schedule delays and take corrective action before discrepancies occur,
it will continue to face challenges in effectively overseeing its
contractors.
NASA plans to spend nearly $230 billion alone, over the next two
decades, to implement the President’s 2004 Vision for Space
Exploration. Implementing the Vision, including establishing a
permanent lunar outpost, will entail a multitude of contracts and will
require a sustained commitment from multiple administrations and
Congresses over the length of the program. The realistic identification
of needed resources and accurate accounting of cost and contractor
performance would go a long way to provide support for such a sustained
commitment and provide the basis for congressional oversight.
What Remains to Be Done:
While progress has been made, NASA needs to take additional steps in
order to improve contract management and program oversight. These
include:
* consistently instilling a disciplined cost-estimating process in
project development efforts,
* reengineering key business processes to include contractor cost
reporting processes, and:
* ensuring that it obtains the information needed to assess progress on
its contracts.
Strong executive leadership will be critical for ensuring that its
financial management organization delivers the kind of analysis and
forward-looking information needed to manage its many complex programs.
Related Products: National Aeronautics and Space Administration
Contract Management:
NASA: Sound Management and Oversight Key to Addressing Crew Exploration
Vehicle Project Risks. GAO-06-1127T. September 28, 2006.
Enterprise Architecture: Leadership Remains Key to Establishing and
Leveraging Architectures for Organizational Transformation. GAO-06-
831. Washington, D.C.: August 14, 2006.
NASA: Long-Term Commitment to and Investment in Space Exploration
Program Requires More Knowledge. GAO-06-817R. Washington, D.C.: July
17, 2006.
NASA's James Webb Space Telescope: Knowledge-Based Acquisition Approach
Key to Addressing Program Challenges. GAO-06-634. Washington, D.C.:
July 14, 2006.
Financial Management Systems: Additional Efforts Needed to Address Key
Causes of Modernization Failures. GAO-06-184. Washington, D.C.: March
15, 2006.
NASA: Implementing a Knowledge-Based Acquisition Framework Could Lead
to Better Investment Decisions and Project Outcomes. GAO-06-218.
Washington, D.C.: December 21, 2005.
NASA: Long-standing Financial Management Challenges Threaten the
Agency's Ability to Manage Its Programs. GAO-06-216T. Washington, D.C.:
October 27, 2005.
Business Modernization: Some Progress Made toward Implementing GAO
Recommendations Related to NASA's Integrated Financial Management
Program. GAO-05-799R. Washington, D.C.: September 9, 2005.
[End of Section]
Highlights: High-Risk series: Management of Interagency Contracting:
GAO Highlights:
For additional information about this high-risk area, contact William
T. Woods at (202) 512-8214 or woodsw@gao.gov.
Why Area Is High Risk:
Federal agencies have increasingly turned to interagency contracting—a
process by which one agency uses other agencies’ contracts and
contracting services—as a way to streamline the procurement process.
This contracting method can offer benefits of improved efficiency and
convenience, but it needs to be effectively managed. Due to continued
growth in the use of these contracts, the limited expertise of some
customers and service providers in using these contracts, and unclear
lines of responsibility, GAO designated interagency contracting as a
high-risk area in 2005. Proper use of this contracting method requires
strong internal controls, clear definition of roles and
responsibilities, and training for both customers and servicing
agencies. GAO’s work and that of agency inspectors general has
continued to find cases in which agencies have not adequately met these
challenges.
What GAO Found:
Governmentwide, the use of interagency contracts to procure goods and
services has continued to increase over the past several years. In
particular, spending through the General Services Administration (GSA)
schedule contracts has increased by $4 billion during the last 2
years.
Figure: GSA Schedule Sales, Fiscal Years 1996 through 2006:
[see PDF for Image]
Source: GSA.
[End of Figure]
Interagency contracts provide agencies with convenient access to
commonly needed goods and services, for which the agencies that
establish these contracts and provide contracting services charge a fee
to support their operations. When used correctly, interagency contracts
provide opportunities to streamline the procurement process and achieve
savings through leveraging the government’s buying power. However,
monitoring and oversight of these contracts have not kept up with their
growth, and there are no complete and reliable data on how much is
spent governmentwide through interagency contracts or the amount of
fees paid by agencies using this contracting method. GAO and agency
inspectors general continue to find that the agencies involved in the
interagency contracting process have not always obtained required
competition, evaluated contracting alternatives, or conducted adequate
oversight. For example, there have been recent cases in which agencies
have issued orders that were beyond the scope of the underlying
contracts, internal controls for ensuring proper payments were not in
place, and oversight responsibilities were not clearly defined.
Agencies have begun to address these challenges by issuing new guidance
and adding training requirements to improve the expertise of the
acquisition workforce, and the Office of Management and Budget has
convened a working group to improve the management of interagency
contracting. However, work remains to ensure these contracts and
contracting services are properly managed and that intended
efficiencies are achieved.
What Remains to Be Done:
While agencies have taken some action in response to GAO
recommendations, specific and targeted approaches are still needed to
address interagency contracting management risks. Roles and
responsibilities of both customers and servicing agencies need to be
clearly defined; servicing agencies need to continue to adopt and
implement policies and processes that ensure that customer service
demands do not override sound contracting practices; and agencies need
to track the use of this contracting method to assess whether it
provides good outcomes.
Related Products: Management of Interagency Contracting:
Interagency Contracting: Improved Guidance, Planning, and Oversight
Would Enable the Department of Homeland Security to Address Risks. GAO-
06-996. Washington, D.C.: September 27, 2006.
Homeland Security: Contract Management and Oversight for Visitor and
Immigrant Status Program Need to Be Strengthened. GAO-06-404.
Washington, D.C.: June 9, 2006.
Department of Energy, Office of Worker Advocacy: Deficient Controls Led
to Millions of Dollars in Improper and Questionable Payments to
Contractors. GAO-06-547. Washington, D.C.: May 31, 2006.
Federal Bureau of Investigation: Weak Controls over Trilogy Project Led
to Payment of Questionable Contractor Costs and Missing Assets. GAO-06-
306. Washington, D.C.: February 28, 2006.
U.S. Office of Special Counsel: Selected Contracting and Human Capital
Issues. GAO-06-16. Washington, D.C.: November 17, 2005.
Improvements Needed to the Federal Procurement Data System--Next
Generation. GAO-05-960R. Washington, D.C.: September 27, 2005.
Interagency Contracting: Franchise Funds Provide Convenience, but Value
to DOD Is Not Demonstrated. GAO-05-456. Washington, D.C.: July 29,
2005.
Interagency Contracting: Problems with DOD's and Interior's Orders to
Support Military Operations. GAO-05-201. Washington, D.C.: April 29,
2005.
Homeland Security: Successes and Challenges in DHS's Efforts to Create
an Effective Acquisition Organization. GAO-05-179. Washington, D.C.:
March 29, 2005.
Contract Management: Opportunities to Improve Pricing of GSA Multiple
Award Schedules Contracts. GAO-05-229. February 11, 2005.
[End of Section]
Highlights: High-Risk Series: Enforcement of Tax Laws:
GAO Highlights:
For additional information about this high-risk area, contact Michael
Brostek or James White at (202) 512-9110 or at brostekm@gao.gov or
whitej@gao.gov.
Why Area Is High Risk:
Internal Revenue Service (IRS) enforcement of the tax laws is vital to
promote compliance by giving taxpayers confidence that others are
paying their fair share. In 1990, GAO designated one aspect of
enforcement—collection of tax debt—as high risk, later broadening it to
include both unpaid taxes known to IRS and unpaid taxes IRS has not
detected. In 1995, GAO added a new high-risk area related to the Earned
Income Credit, a refundable tax credit available to certain low-income,
working taxpayers. In 2005, GAO combined these two IRS high-risk issues
under enforcement of tax laws, in part, to reflect IRS’s current
appropriations.
What GAO Found:
IRS has made noticeable progress in its enforcement efforts. In 2006,
enforcement revenue rose about 13 percent compared to 2004 levels.
Based on preliminary data, IRS increased the overall percentage of tax
returns examined between 2004 and 2006 by about 30 percent. IRS
completed compliance research on individual taxpayers under its
National Research Program (NRP) in 2005 and is using the results to
better target operational audits. IRS also set a long-term goal to
increase the compliance rate.
Nevertheless, IRS’s most recent estimate is that the gross tax gap (the
difference between the taxes that should have been paid voluntarily and
on time and what was actually paid) was $345 billion for tax year 2001.
IRS estimated that it would eventually collect $55 billion of this
amount, leaving a net tax gap of $290 billion in unpaid taxes.
IRS lacks a data-based plan to improve compliance. Such a plan would
require quantitative estimates of how changes to its service and
enforcement programs affect compliance. Given the considerable
challenges to quantifying the relationship between IRS’s efforts and
changes in compliance levels, a long-term research effort will be
needed. In the interim, IRS’s plans need to clearly describe why the
specific service and enforcement strategies it proposes are likely to
improve compliance.
Although the NRP does not quantify the effect of IRS’s programs on
compliance, it provides invaluable information on individual taxpayers’
compliance. IRS has begun another study on S-corporations’ compliance.
However, IRS has no plans to repeat the study on individual taxpayers,
which took years to plan and execute, or conduct similar research on
all other significant components of the tax gap. To further improve
available information, IRS needs periodic, if not annual, measurements
of compliance levels to gauge the extent to which compliance is
improving or declining and to effectively target its service and
enforcement efforts.
Real progress in reducing the tax gap will require efforts beyond
current enforcement. IRS and Congress will need to develop and IRS will
need to execute multiple strategies over a sustained period. Strategies
could include simplifying the tax code or specific code sections,
improving service to taxpayers, obtaining new sources of information to
help identify and deter noncompliance, and expanding the use of proven
tools for obtaining high levels of compliance, like additional
withholding of taxes and third-party information reporting.
Further, IRS will need to leverage technology to better help taxpayers
who want to comply as well as more efficiently detect noncompliance.
Technology could reduce the costs of providing individualized service
to taxpayers. In an era of tight budgets, technology could also help
increase the productivity of enforcement staff.
What Remains to Be Done:
To improve its enforcement of tax laws, IRS must:
* develop a data-based plan and specific recommendations to improve
compliance;
* continue to perform compliance research on a regular basis, use the
results to justify resource requests, target scarce enforcement
resources, and develop other corrective measures for all aspects of tax
law enforcement;
* develop, in consultation with the Department of the Treasury, new
and innovative solutions to improve compliance; and:
* continue to modernize its technology that underpins service and
enforcement efforts.
Related Products: Enforcement of Tax Laws:
Tax Debt Collection: IRS Needs to Complete Steps to Help Ensure
Contracting Out Achieves Desired Results and Best Use of Federal
Resources. GAO-06-1065. Washington, D.C.: September 29, 2006.
Business Tax Reform: Simplification and Increased Uniformity of
Taxation Would Yield Benefits. GAO-06-1113T. Washington, D.C.:
September 20, 2006.
Individual Income Tax Policy: Streamlining, Simplification, and
Additional Reforms Are Desirable. GAO-06-1028T. Washington, D.C.:
August 3, 2006.
Tax Compliance: Opportunities Exist to Reduce the Tax Gap Using a
Variety of Approaches. GAO-06-1000T. Washington, D.C.: July 26, 2006.
Capital Gains Tax Gap: Requiring Brokers to Report Securities Cost
Basis Would Improve Compliance if Related Challenges Are Addressed. GAO-
06-603. Washington, D.C.: June 13, 2006.
Tax Compliance: Challenges to Corporate Tax Enforcement and Options to
Improve Securities Basis Reporting. GAO-06-851T. Washington, D.C.: June
13, 2006.
Business Systems Modernization: IRS Needs to Complete Recent Efforts to
Develop Policies and Procedures to Guide Requirements Development and
Management. GAO-06-310. Washington, D.C.: March 20, 2006.
Financial Management: Thousands of GSA Contractors Abuse the Federal
Tax System. GAO-06-492T. Washington, D.C.: March 14, 2006.
Tax Gap: Making Significant Progress in Improving Tax Compliance Rests
on Enhancing Current IRS Techniques and Adopting New Legislative
Actions. GAO-06-453T. Washington, D.C.: February 15, 2006.
Tax Gap: Multiple Strategies, Better Compliance Data, and Long-Term
Goals Are Needed to Improve Taxpayer Compliance. GAO-06-208T.
Washington, D.C.: October 26, 2005.
Financial Management: Thousands of Civilian Agency Contractors Abuse
the Federal Tax System with Little Consequence. GAO-05-637. Washington,
D.C.: June 16, 2005.
[End of Section]
Highlights: High-Risk Series: Internal Revenue Service Business Systems
Modernization:
GAO Highlights:
For additional information about this high-risk area, contact David A.
Powner at (202) 512-9286 or pownerd@gao.gov, or Steven J. Sebastian at
(202) 512-3406 or sebastians@gao.gov.
Why Area Is High Risk:
The Internal Revenue Service’s (IRS) highly complex, multibillion-
dollar Business Systems Modernization (BSM) program is critical to (1)
the successful transformation of the agency’s manual paper-intensive
business operations, (2) fulfillment of its obligations under the IRS
Restructuring and Reform Act, and (3) providing the reliable and timely
financial management information needed to better enable IRS to justify
its resource allocation decisions and congressional budgetary requests.
Despite progress in improving modernization management controls and
capabilities and addressing long-standing financial management
weaknesses, significant challenges and serious risks remain.
What GAO Found:
IRS has long relied on obsolete automated systems for key operational
and financial management functions, and its attempts to modernize these
aging computer systems span several decades. A long history of
continuing delays and design difficulties and their impact on IRS’s
operations led GAO to designate IRS’s systems modernization and its
financial management as separate high-risk areas in 1995. In 2005, GAO
noted that, despite progress in establishing management controls, in
acquiring foundational system infrastructure and applications, and in
addressing several financial management deficiencies, including
deficiencies in controls over budgetary activity and property and
equipment, both BSM and financial management remained high risk. Since
resolution of IRS’s most serious remaining financial management
problems depended largely upon the success of BSM, GAO combined the two
issues into one high-risk area.
IRS has made further progress since 2005 in addressing GAO’s concerns
about the management of BSM. For example, IRS (1) delivered releases of
key automated systems associated with processing various individual
returns for single and head-of-household taxpayers and accepting
electronic returns for select businesses and tax-exempt organizations,
(2) made progress in addressing high-priority program initiatives and
significant risks and issues affecting its systems, and (3) developed a
high-level modernization vision and strategy to address program changes
and provide a modernization road map. In addition, IRS implemented the
initial phase of several key automated financial management systems,
including a cost accounting module that it populated with data;
developed a methodology to allocate costs to its business units; and
improved the reliability of its property and equipment records. IRS has
also taken corrective actions related to aspects of financial
management that are not dependent on automated systems, such as further
improving physical security over hard-copy tax receipts and related
data.
However, GAO recently reported that while some project releases were
delivered within cost or schedule commitments, others continued to
experience cost increases or schedule delays. In addition, critical
management controls and capabilities have not yet been fully
implemented or institutionalized. Further, the outdated legacy
financial management systems IRS continues to rely on are not
integrated with supporting records for several material balances, do
not provide adequate audit trails for those balances, and cannot
provide current information to support decision making. IRS is taking
action to resolve these issues and to address GAO’s recommendations
related to BSM and financial management. However, more remains to be
done to fully address the problems that have affected past systems
modernization efforts and that continue to affect IRS’s ability to
successfully modernize its operational and financial management
systems.
What Remains to Be Done:
While IRS has made progress in reducing risk with systems modernization
and financial management, improvements made have not been sustained
long enough to provide confidence that the program is fully stable. In
addition, many challenges remain, including (1) improving processes for
designing, developing and delivering modernized IT systems; and (2)
developing and utilizing cost-based performance measures to assist in
measuring the effectiveness of programs over time.
Related Products: Internal Revenue Service Business Systems
Modernization:
Financial Audit: IRS's Fiscal Years 2006 and 2005 Financial Statements.
GAO-07-136. Washington, D.C.: November, 9, 2006.
Internal Revenue Service: Status of Recommendations from Financial
Audits and Related Management Reports. GAO-06-560. Washington, D.C.:
June 6, 2006.
Management Report: Improvements Needed in IRS's Internal Controls. GAO-
06-543R. Washington, D.C.: May 12, 2006.
Internal Revenue Service: Assessment of the Interim Results of the 2006
Filing Season and Fiscal Year 2007 Budget Request. GAO-06-499T.
Washington, D.C.: April 27, 2006.
Internal Revenue Service: Assessment of the Interim Results of the 2006
Filing Season and Fiscal Year 2007 Budget Request. GAO-06-615T.
Washington, D.C.: April 6, 2006.
Business Systems Modernization: IRS Needs to Complete Recent Efforts to
Develop Policies and Procedures to Guide Requirements Development and
Management. GAO-06-310. Washington, D.C.: March 20, 2006.
Business Systems Modernization: Internal Revenue Service's Fiscal Year
2006 Expenditure Plan. GAO-06-360. Washington, D.C.: February 21, 2006.
Financial Audit: IRS's Fiscal Years 2005 and 2004 Financial Statements.
GAO-06-137. Washington, D.C.: November 10, 2005.
Business Systems Modernization: Internal Revenue Service's Fiscal Year
2005 Expenditure Plan. GAO-05-774. Washington, D.C.: July 22, 2005.
IRS Modernization: Continued Progress Requires Addressing Resource
Management Challenges. GAO-05-707T. Washington, D.C.: May 19, 2005.
Internal Revenue Service: Status of Recommendations from Financial
Audits and Related Management Reports. GAO-05-393. Washington, D.C.:
April 29, 2005.
Management Report: Improvements Needed in IRS's Internal Controls. GAO-
05-247R. Washington, D.C.: April 27, 2005.
Management Report: Review of Controls over Safeguarding Taxpayer
Receipts and Information at the Brookhaven Service Center Campus. GAO-
05-319R. March 10, 2005.
Opportunities to Improve Timeliness of IRS Lien Releases. GAO-05-26R.
Washington, D.C.: January 10, 2005.
[End of Section]
Highlights: High-Risk Series: Modernizing Federal Disability Programs:
GAO Highlights:
For additional information about this high-risk area, contact Robert E.
Robertson at (202) 512-7215 or robertsonr@gao.gov, or Daniel Bertoni at
(202) 512-7215 or bertonid@gao.gov.
Why Area Is High Risk:
In January 2003, GAO designated modernizing federal disability programs
as a high-risk area because of challenges that continue today. For
example, despite opportunities afforded by medical and technological
advances and the growing expectations that people with disabilities can
and want to work, federal disability programs remain grounded in
outmoded concepts that equate medical conditions with work incapacity.
Moreover, just as the disability programs are positioned to grow
rapidly with current demographics, the Social Security Administration
(SSA) and the Department of Veterans Affairs (VA) face difficult
challenges in providing timely and consistent disability decisions.
Modernizing federal disability programs remains a high-risk area as
solutions are likely to require fundamental changes, including
regulatory and legislative action.
What GAO Found:
GAO’s work examining federal disability programs has found that the
major disability programs are neither well aligned with the 21st
century environment nor positioned to provide meaningful and timely
support. In particular, SSA’s and VA’s disability programs are based on
definitions and concepts that originated over 50 years ago, despite
scientific advances that have reduced the severity of some medical
conditions and have allowed individuals to live with greater
independence and function in work settings. Furthermore, as both
programs experience unprecedented growth in the number and complexity
of claims filed each year, they continue to face ongoing challenges to
make timely, accurate, and consistent decisions. Although SSA and, to a
lesser extent, VA have made some progress toward improving their
disability programs, significant challenges remain.
* Programs are grounded in outmoded concepts of disability. Disability
criteria have not been updated to reflect the current state of science,
medicine, technology, and labor market conditions. SSA has stated that
it is in the process of moving from a “disabled for life” approach to
one that helps individuals with disabilities return to work. To this
end, SSA has drafted an action plan for modernizing its disability
programs that includes removing barriers and disincentives to work and
providing work supports earlier. These efforts could potentially shift
SSA’s disability programs toward enhancing the productive capabilities
of program beneficiaries. VA’s approach to modernization rests largely
upon implementing recommendations, if any, that could arise from a
review of the appropriateness of VA disability benefits now being
conducted by a congressionally appointed commission. The commission is
expected to report to Congress in October 2007. As these agencies
proceed with their plans, one challenge they face is to coordinate
their modernization efforts with other programs providing disability
assistance.
* Agencies have difficulty managing disability programs. Both SSA and
VA still have lengthy disability claims processing times and have
limited assurance of the accuracy and consistency of disability
decisions. While SSA has begun to implement (1) an electronic
disability processing system aimed at eliminating delays caused by the
handling of paper claim files and (2) a comprehensive process
improvement initiative aimed at making decisions earlier in the
process, it is too early to measure the success of these actions.
Similarly, in its budget justification for fiscal year 2007, VA
identified several steps it plans to take to improve the timeliness of
its disability decisions, including moving toward an electronic file
system. However, it is not clear whether VA will be able to achieve its
planned improvements.
What Remains to Be Done:
While SSA and VA have taken some actions in response to prior GAO
recommendations, GAO continues to believe that SSA and VA should take a
lead role in examining the fundamental causes of program problems and
seek the regulatory and legislative solutions needed to transform their
programs so that they are aligned with the current state of science,
medicine, technology, and labor market conditions. Moreover, these
agencies should continue to develop and implement strategies to better
manage the programs’ accuracy, timeliness, and consistency of decision
making.
Related Products: Modernizing Federal Disability Programs:
Social Security Disability Programs: Clearer Guidance Could Help SSA
Apply the Medical Improvement Standard More Consistently. GAO-07-8.
Washington, D.C.: October 3, 2006.
Social Security Administration: Agency Is Positioning Itself to
Implement Its New Disability Determination Process, but Key Facets Are
Still in Development. GAO-06-779T. Washington, D.C.: June 15, 2006.
Veterans' Disability Benefits: VA Should Improve Its Management of
Individual Unemployability Benefits by Strengthening Criteria,
Guidance, and Procedures. GAO-06-309. Washington, D.C.: May 30, 2006.
Social Security Administration: Administrative Review Process for
Adjudicating Initial Disability Claims. GAO-06-640R. Washington, D.C.:
May 16, 2006.
VA Disability Benefits: Routine Monitoring of Disability Decisions
Could Improve Consistency. GAO-06-120T. Washington, D.C.: October 20,
2005.
Computer-Based Patient Records: VA and DOD Made Progress, but Much Work
Remains to Fully Share Medical Information. GAO-05-1051T. Washington,
D.C.: September 28, 2005.
Federal Disability Assistance: Wide Array of Programs Needs to Be
Examined in Light of 21st Century Challenges. GAO-05-626. Washington,
D.C.: June 2, 2005.
Veterans' Disability Benefits: Claims Processing Problems Persist and
Major Performance Improvements May Be Difficult. GAO-05-749T.
Washington, D.C.: May 26, 2005.
VA Disability Benefits and Health Care: Providing Certain Services to
the Seriously Injured Poses Challenges. GAO-05-444T. Washington, D.C.:
March 17, 2005.
Social Security Administration: Better Planning Could Make the Ticket
Program More Effective. GAO-05-248. Washington, D.C.: March 2, 2005.
Vocational Rehabilitation: More VA and DOD Collaboration Needed to
Expedite Services for Seriously Injured Servicemembers. GAO-05-167.
Washington, D.C.: January 14, 2005.
[End of Section]
Highlights: High-Risk Series: Pension Benefit Guaranty Corporation
Single-Employer Pension Insurance Program:
GAO Highlights:
For additional information about this high-risk area, contact Barbara
Bovbjerg at (202) 512-5491 or bovbjergb@gao.gov.
Why Area Is High Risk:
The Pension Benefit Guaranty Corporation (PBGC)’s single-employer
program insures the pension benefits of over 34 million participants in
more than 28,000 private defined benefit (DB) plans. The program’s
financial condition has declined from a $9.7 billion surplus in 2000 to
an $18.1 billion deficit as of September 30, 2006. PBGC-insured plans
had cumulative underfunding of $350 billion, including $73 billion in
plans sponsored by financially weak firms. While Congress passed a
major pension reform law, the program remains exposed to the threat of
terminations of large underfunded plans in weak industries and of
sponsors voluntarily terminating or freezing their DB plans. GAO placed
the program on its high-risk list in July 2003.
What GAO Found:
Recently enacted comprehensive pension reform legislation addressed
many GAO concerns about the financial condition of PBGC’s single-
employer program, although the program remains high risk because of its
large deficit (see figure) and uncertainty about the future of the DB
system. The Pension Protection Act (PPA) included provisions aimed at
shoring up DB plan funding, such as raising the funding targets DB
plans must meet, reducing the period over which sponsors can “smooth”
reported plan assets and liabilities, and restricting sponsors’ ability
to substitute “credit balances” for cash contributions. Other reforms
also may increase PBGC revenues by raising flat-rate premiums,
expanding variable-rate premiums, and introducing a termination premium
for some bankrupt sponsors, while limiting PBGC’s guarantee to pay
certain benefits. Congress also clarified the legal status of hybrid
cash balance plans, potentially encouraging sponsorship of such plans.
While these measures should help, PPA’s overall impact on the single-
employer program’s deficit is unclear. PPA did not fully close
potential plan funding gaps, and it provided funding relief to plan
sponsors in troubled industries. As a result, PBGC may be exposed to
additional terminations of large underfunded plans. In fact, PBGC
projects that PPA may lower contributions and raise claims relative to
previous law, and the Congressional Budget Office forecasts large
continued losses for the program. PPA is also unlikely to reverse the
long-term decline of the DB system or help PBGC make up its current
deficit, as stricter funding requirements and higher premiums may lead
sponsors to terminate or freeze their plans. These challenges facing
the DB system, coupled with Social Security’s financial deficits and
uncertainty about the adequacy and risks of defined contribution plans,
raise concerns about the future retirement security of American
workers.
Figure: Net Financial of PBGC's Single-Employer Program:
[See PDF for Image]
Source: Pension Benefit Guaranty Corporation.
Note: Net position equals program assets less the current value of
future benefit obligations for terminated plans and those deemed likely
to default. Values are for the end of the fiscal year.
[End of Figure]
What Remains to Be Done:
Although recent comprehensive legislative reform contains measures to
improve plan funding and shore up PBGC’s finances, Congress may need to
carefully monitor its effects on PBGC’s programs and on DB plans, and
may need to take additional action to safeguard the private pension
system’s role in national retirement security. In the longer term,
Congress will also need to consider even more broadly how the risks and
responsibilities for retirement security should be shared among
individuals, employers, and government.
Related Products: Pension Benefit Guaranty Corporation Single-Employer
Pension Insurance:
Private Pensions: Opportunities Exist to Further Improve the
Transparency of PBGC's Financial Disclosures. GAO-06-429. Washington,
D.C.: March 27, 2006.
Private Pensions: Information on Cash Balance Pension Plans. GAO-06-
42. Washington, D.C.: November 3, 2005.
Private Pensions: Questions Concerning the Pension Benefit Guaranty
Corporation's Practices Regarding Single-Employer Probable Claims. GAO-
05-991R. Washington, D.C.: September 9, 2005.
Private Pensions: The Pension Benefit Guaranty Corporation and Long-
Term Budgetary Challenges. GAO-05-772T. Washington, D.C.: June 9, 2005.
Private Pensions: Revision of Defined Benefit Pension Plan Funding
Rules Is an Essential Component of Comprehensive Pension Reform. GAO-
05-794T. Washington, D.C.: June 7, 2005.
Private Pensions: Government Actions Could Improve the Timeliness and
Content of Form 5500 Pension Information. GAO-05-491. Washington, D.C.:
June 3, 2005.
Highlights of a GAO Forum: The Future of the Defined Benefit System and
the Pension Benefit Guaranty Corporation. GAO-05-578SP. Washington,
D.C.: June 1, 2005.
Private Pensions: Recent Experiences of Large Defined Benefit Plans
Illustrate Weaknesses in Funding Rules. GAO-05-294. Washington, D.C.:
May 31, 2005.
Pension Benefit Guaranty Corporation: Structural Problems Limit
Agency's Ability to Protect Itself from Risk. GAO-05-360T. Washington,
D.C.: March 2, 2005.
[End of section]
Highlights: High-Risk Series: Medicare Program:
GAO Highlights:
For additional information about this high-risk area, contact Marjorie
Kanof at (202) 512-5055 or kanofm@gao.gov.
Why Area Is High Risk:
Since 1990, GAO has designated Medicare a high-risk program. It is a
program vulnerable to improper payment and mismanagement, in part due
to its sheer size and complexity. In 2005, the program covered over 42
million elderly and disabled beneficiaries and had estimated outlays of
over $330 billion, while its most recent estimate of improper payments
was about $11 billion. In 2006, Medicare added a new prescription drug
benefit that is estimated to cost about $1 trillion in its first 10
years. Absent reform, the program’s spending growth will be
unsustainable over time—increasing from an estimated 3.2 percent of GDP
in 2006 to 7.3 percent by 2035. While fundamental financing reform is
not within the authority of the Centers for Medicare & Medicaid
Services (CMS)—the agency that administers Medicare—it has broad
responsibility for setting payment rates that encourage efficient
delivery of services and control spending, safeguarding the program
from loss, improving its management, and overseeing patient safety and
care.
What GAO Found:
Medicare’s design, coupled with rising health care costs and the coming
retirement of the baby boomers, presents fiscal and other challenges
that demand a strong management response. CMS has made some progress
in meeting key challenges it has the authority to tackle, but further
action is needed to increase Medicare’s efficiency, integrity, and
effectiveness.
Reforming and refining payments. Medicare faces financial pressure
from growing spending in key areas, such as for physician services,
while CMS continues to have difficulty in obtaining maximum value for
dollars spent. Nevertheless, in the past 2 years, CMS has taken
promising steps in areas where it has authority to refine how it sets
or updates Medicare payment rates, such as for hospital services,
durable medical equipment, and certain drugs and devices supplied in
medical facilities.
Enhancing program integrity. Medicare’s November 2006 estimate of its
national rate of improper payments was 4.4 percent—the lowest since
measurement began in 1996. However certain providers—such as suppliers
of durable medical equipment—continue to receive improper payments at a
higher rate. CMS has acted on some of GAO’s 2005 recommendations to
increase oversight of suppliers and is implementing quality standards
for them that will be overseen by accreditation organizations.
Improving program management. In 2005, CMS successfully began a
multiyear effort to reform its contracting practices by instituting
competitive procedures to select its Medicare administrative
contractors. CMS has also taken steps to strengthen its processes for
managing investments in information technology, but still has limited
capabilities to do so. Further, GAO found weaknesses in CMS’s
information security controls that could make sensitive, personally
identifiable medical information vulnerable to unauthorized access. In
addition, the start of CMS’s new Medicare prescription drug benefit was
not smooth. Prior to implementation, GAO warned of potential
weaknesses in CMS’s approach to enrolling the 6 million beneficiaries
eligible for both Medicare and Medicaid. Subsequent problems led
several state Medicaid agencies to continue providing drug coverage to
these beneficiaries until their enrollment issues could be resolved.
In addition, call centers sponsored by the agency or private drug plans
fell short in providing accurate and complete information to callers
inquiring about the prescription drug benefit.
Overseeing patient safety and care. CMS has implemented important
improvements to state and federal oversight activities of nursing home
quality since 1998. Nevertheless, despite 8 years of effort, CMS has
not implemented a more rigorous inspection process that is critical to
ensuring that annual inspections do not overlook serious quality-of-
care problems. On the other hand, CMS is acting on GAO’s 2006
recommendations to strengthen its oversight of clinical laboratories.
What Remains to Be Done:
CMS has implemented many GAO recommendations, but further action must
be taken to refine Medicare’s payment methods and the collection of
data used as a basis for setting payment rates; address integrity
weaknesses; improve its management of critical functions, such as
ensuring the accuracy, usefulness, and clarity of information provided
to the public; and address quality-of-care shortcomings in services
provided to beneficiaries.
Related Products; Medicare Program:
Information Security: The Centers for Medicare & Medicaid Services
Needs to Improve Controls over Key Communication Network. GAO-06-750.
Washington, D.C.: August 30, 2006.
Medicare: CMS's Proposed Approach to Set Hospital Inpatient Payments
Appears Promising. GAO-06-880. Washington, D.C.: July 28, 2006.
Medicare Physician Payments: Trends in Service Utilization, Spending,
and Fees Prompt Consideration of Alternative Payment Approaches. GAO-
06-1008T. Washington, D.C.: July 25, 2006.
Medicare Part B Drugs: CMS Data Source for Setting Payments Is
Practical but Concerns Remain. GAO-06-971T. Washington, D.C.: July 13,
2006.
Medicare Part D: Prescription Drug Plan Sponsor Call Center Responses
Were Prompt, but Not Consistently Accurate and Complete. GAO-06-710.
Washington, D.C.: June 30, 2006.
Clinical Lab Quality: CMS and Survey Organization Oversight Should Be
Strengthened. GAO-06-416. Washington, D.C.: June 16, 2006.
Medicare: Communications to Beneficiaries on the Prescription Drug
Benefit Could Be Improved. GAO-06-654. Washington, D.C.: May 3, 2006.
Nursing Homes: Despite Increased Oversight, Challenges Remain in
Ensuring High-Quality Care and Resident Safety. GAO-06-117. Washington,
D.C.: December 28, 2005.
Medicare: Contingency Plans to Address Potential Problems with the
Transition of Dual-Eligible Beneficiaries from Medicaid to Medicare
Drug Coverage. GAO-06-278R. Washington, D.C.: December 16, 2005.
Information Technology: Centers for Medicare & Medicaid Services Needs
to Establish Critical Investment Management Capabilities. GAO-06-12.
October 28, 2005.
Medicare: More Effective Screening and Stronger Enrollment Standards
Needed for Medical Equipment Suppliers. GAO-05-656. Washington, D.C.:
September 22, 2005.
Medicare Contracting Reform: CMS's Plan Has Gaps and Its Anticipated
Savings Are Uncertain. GAO-05-873. Washington, D.C.: August 17, 2005.
[End of Section]
Highlights: High-Risk Series: Medicaid Program:
GAO Highlights:
For additional information about this high-risk area, contact Kathryn
G. Allen at (202) 512-7118 or allenk@gao.gov.
Why Area Is High Risk:
In 2003, GAO designated Medicaid a high-risk program in part because of
growing concerns about the quality of fiscal oversight, which is
necessary to prevent inappropriate program spending. Medicaid, the
federal-state program that covers acute health care and long-term care
services for about 56 million low-income individuals, consists of more
than 50 distinct state-based programs that cost the federal government
and states an estimated $298 billion in fiscal year 2004. The program
accounts for more than 20 percent of states’ expenditures, exerting
continuing pressure on state budgets. The federal government, by a
formula established in law, can pay from half to more than three-
fourths of each state’s Medicaid expenditures.
The Centers for Medicare & Medicaid Services (CMS) in the Department of
Health and Human Services (HHS) is responsible for overseeing the
program at the federal level, while the states administer their
respective programs’ day-to-day operations.
What GAO Found:
Congress and CMS have taken important steps to improve Medicaid’s
fiscal integrity and financial management, but the program remains high
risk due to concerns about the program’s size, growth, and diversity,
as well as the adequacy of fiscal oversight. The program remains at
risk due to concerns in several areas:
Financing methods that leverage federal funds inappropriately. For more
than a decade, some states created the illusion that they had made
large Medicaid supplemental payments to certain government providers in
order to generate excessive federal matching payments. In reality, the
states only temporarily made payments to these providers but then
required that the payments be returned. CMS has taken steps to improve
its oversight of Medicaid financial management activities, including
its efforts to oversee states’ financing methods. However, several
oversight weaknesses have not been addressed. For example, CMS has not
developed a financial management strategic plan for Medicaid,
incorporated the use of key Medicaid data systems into its oversight of
states’ claims, or clarified and communicated its policies in several
high-risk areas, including supplemental payment arrangements.
Waiver programs that inappropriately increase the federal government’s
financial liability. The Secretary of HHS has authority to waive
certain statutory provisions to allow states to test new ideas for
achieving program objectives. Each waiver program must be “budget
neutral”: It should not be approved if it would increase the federal
financial liability beyond what it would have been without the program.
Since the mid-1990s, HHS has permitted states to use questionable
methods to demonstrate budget neutrality for waiver programs projected
to increase federal costs. For example, GAO earlier reported that HHS’s
rationale for approving four states’ waiver program spending limits as
budget neutral was unclear and not documented.
Inappropriate billing by providers serving program beneficiaries.
Medicaid is vulnerable to fraud, waste, and abuse by providers who
submit inappropriate claims, which in turn can result in substantial
financial losses to states and the federal government. There has been a
wide disparity between the level of staff and financial resources that
CMS has expended to support and oversee state activities to control
fraud and abuse, and the amount of federal Medicaid dollars at risk of
fraud and abuse. The Deficit Reduction Act of 2005 (DRA) created the
Medicaid Integrity Program and appropriated funds to fight fraud and
abuse. As required by DRA, CMS issued a comprehensive 5-year plan in
July 2006 that outlined CMS’s organizational structure and initial
activities to begin implementing the Medicaid Integrity Program.
What Remains to Be Done:
A GAO recommendation to Congress to limit Medicaid payments to
government facilities to the costs of providing services remains open.
HHS has not acted on GAO recommendations to develop methods to better
ensure the budget neutrality of Medicaid waiver programs. And CMS has
not acted on recommendations to develop a Medicaid financial management
strategic plan, identify needed systems projects, and improve guidance
to states in certain areas.
Related Products: Medicaid Program:
Medicaid Third-Party Liability: Federal Guidance Needed to Help States
Address Continuing Problems. GAO-06-862. Washington, D.C.: September
15, 2006.
Medicaid Financial Management: Steps Taken to Improve Federal Oversight
but Other Actions Needed to Sustain Efforts. GAO-06-705. Washington,
D.C.: June 22, 2006.
Medicaid Integrity: Implementation of New Program Provides
Opportunities for Federal Leadership to Combat Fraud, Waste, and Abuse.
GAO-06-578T. Washington, D.C.: March 28, 2006.
Medicaid Financing: States' Use of Contingency-Fee Consultants to
Maximize Federal Reimbursements Highlights Need for Improved Federal
Oversight. GAO-05-748. Washington, D.C.: June 28, 2005.
Medicaid: States' Efforts to Maximize Federal Reimbursements Highlight
Need for Improved Federal Oversight. GAO-05-836T. Washington, D.C.:
June 28, 2005.
Medicaid Waivers: HHS Approvals of Pharmacy Plus Demonstrations
Continue to Raise Cost and Oversight Concerns. GAO-04-480. Washington,
D.C.: June 30, 2004.
Medicaid and SCHIP: Recent HHS Approvals of Demonstration Waiver
Projects Raise Concerns. GAO-02-817. Washington, D.C.: July 12, 2002.
[End of Section]
Highlights: High-Risk Series: National Flood Insurance Program:
GAO Highlights:
For additional information about this high-risk area, contact Orice
Williams at (202) 512-5837 or williamso@gao.gov.
Why Area Is High Risk:
GAO placed the National Flood Insurance Program (NFIP) on its high-risk
list in March 2006 because the NFIP will unlikely generate sufficient
revenues to repay the billions borrowed from the Department of the
Treasury to cover flood claims from the 2005 hurricanes. And it is
unlikely that NFIP—a key component of the federal government’s efforts
to minimize the damage and financial impact of floods—could cover
catastrophic losses in future years. Estimated claims for Hurricanes
Katrina, Rita, and Wilma far surpass the total claims paid in the 38-
year history of the NFIP. The insufficient revenues highlight
structural weaknesses in how the program is funded.
The Federal Emergency Management Agency (FEMA) is the Department of
Homeland Security agency responsible for managing the NFIP. FEMA has
taken some steps to address these issues, including reducing the number
of subsidized and repetitive loss properties insured, but still faces
complex challenges in addressing these issues.
What GAO Found:
The NFIP, by design, is not actuarially sound. It subsidizes insurance
rates for about 26 percent of policies, primarily for certain high-risk
buildings constructed before NFIP flood plain regulations were
established in their communities. Although policyholders with
subsidized rates on average pay more than nonsubsidized policyholders
(because the risk of loss is higher), the subsidized rates may be only
35 percent to 40 percent of the true risk premium. Nonsubsidized
policyholders pay premiums based on the average historical loss year.
However, total collected premiums will unlikely be sufficient to pay
all expected flood losses over time. In January 2006, FEMA estimated
an annual shortfall in premium income of $750 million because of the
policy subsidies. This shortfall is compounded by the losses
associated with subsidized properties that have had repeated flood
losses (known as repetitive loss properties). Although repetitive loss
properties represent only 1 percent of NFIP insured buildings, they
account for 25 percent to 30 percent of all claims losses.
In addition, the program is not structured to build loss reserves like
a typical commercial insurance company, and it does not build and hold
capital. Instead, it generally pays claims and expenses out of current
premium income. When it has insufficient income to pay claims, the
NFIP has authority to borrow from Treasury. Between 1990 and 2003, the
NFIP had to borrow from Treasury during three extended periods to cover
flood losses. Each time, the NFIP was able to repay, with interest,
those borrowed funds. As shown below, the unprecedented losses from
the 2005 hurricanes greatly exceeded losses of previous years. It is
highly unlikely that the NFIP, as currently funded, could generate
revenues to repay Treasury, particularly if future hurricanes result in
loss levels greater than the average historical loss levels. From
September 2005 to March 2006, Congress three times increased FEMA’s
authority to borrow from Treasury—from $1.5 billion originally to $20.8
billion—to help pay for claims from the 2005 hurricane season. As of
August 31, 2006, the NFIP has paid out $17.3 billion in claims for 2005
floods.
Figure: Flood Loss Payments by Year of Flood Event, 1978 through August
2006:
[See PDF for Image]
Source: FEMA.
[End of Figure]
What Remains to Be Done:
Comprehensive reform will likely be needed to stabilize the long-term
finances of this program. GAO will continue to provide FEMA and
Congress with recommendations to help both consider ways to improve the
sufficiency of NFIP’s financial resources and current funding
mechanism, mitigate losses from repetitive loss properties, increase
compliance with mandatory purchase requirements, and expedite FEMA’s
$1.5 billion flood map modernization efforts.
Related Products: National Flood Insurance Program:
GAO's High-Risk Program. GAO-06-497T. Washington, D.C.: March 15, 2006.
Federal Emergency Management Agency: Challenges for the National Flood
Insurance Program. GAO-06-335T. Washington, D.C.: January 25, 2006.
Federal Emergency Management Agency: Improvements Needed to Enhance
Oversight and Management of the National Flood Insurance Program. GAO-
06-119. Washington, D.C.: October 18, 2005.
Federal Emergency Management Agency: Oversight and Management of the
National Flood Insurance Program. GAO-06-183T. Washington, D.C.:
October 20, 2005.
Federal Emergency Management Agency: Challenges Facing the National
Flood Insurance Program. GAO-06-174T. Washington, D.C.: October 18,
2005.
Flood Map Modernization: Federal Emergency Management Agency's
Implementation of a National Strategy. GAO-05-894T. Washington, D.C.:
July 12, 2005.
National Flood Insurance Program: Oversight of Policy Issuance and
Claims. GAO-05-532T. Washington, D.C.: April 14, 2005.
Flood Map Modernization: Program Strategy Shows Promise, but Challenges
Remain. GAO-04-417. Washington, D.C.: March 31, 2004.
National Flood Insurance Program: Actions to Address Repetitive Loss
Properties. GAO-04-401T. Washington, D.C.: March 25, 2004.
[End of section]
(450513):
FOOTNOTES
[1] GAO, High-Risk Series: An Update, GAO-05-207 (Washington, D.C.:
January 2005).
[2] GAO, Determining Performance and Accountability Challenges and High
Risks, GAO-01-159SP (Washington, D.C.: November 2000).
[3] GAO, Single-Family Housing: Progress Made, but Opportunities Exist
to Improve HUD's Oversight of FHA Lenders, GAO-05-13 (Washington, D.C.:
Nov. 12, 2004).
[4] GAO, HUD Single-Family and Multifamily Property Programs:
Inadequate Controls Resulted in Questionable Payments and Potential
Fraud, GAO-04-390 (Washington, D.C.: Mar. 3, 2004).
[5] GAO, Mortgage Financing: FHA's $7 Billion Reestimate Reflects
Higher Claims and Changing Loan Performance Estimates, GAO-05-875
(Washington, D.C.: Sept. 2, 2005).
[6] GAO, Mortgage Financing: HUD Could Realize Additional Benefits from
Its Mortgage Scorecard, GAO-06-435 (Washington, D.C.: Apr. 13, 2006).
[7] GAO, HUD Rental Assistance: Progress and Challenges in Measuring
and Reducing Improper Rent Subsidies, GAO-05-224 (Washington, D.C.:
Feb. 18, 2005).
[8] GAO, HUD Human Capital Management: Comprehensive Strategic
Workforce Planning Needed, GAO-02-839 (Washington, D.C.: July 24,
2002).
[9] GAO, HUD Management: Actions Needed to Improve Acquisition
Management, GAO-03-157 (Washington, D.C.: Nov. 15, 2002).
[10] "State of good repair" is the outcome expected from the capital
investment needed to restore Amtrak's right-of-way (track, signals, and
auxiliary structures), other infrastructure (e.g., stations), and
equipment to a condition that requires only routine maintenance.
[11] As we have reported, the trucking and barge industries pay fees
and taxes to use this government-funded infrastructure, but their
payments generally do not cover the costs they impose on highways and
waterways.
[12] GAO, Export Controls: Clarification of Jurisdiction for Missile
Technology Items Needed, GAO-02-120 (Washington, D.C.: Oct. 9, 2001);
and Export Controls: Improvements to Commerce's Dual-Use System Needed
to Ensure Protection of U.S. Interests in the Post-9/11 Environment,
GAO-06-638 (Washington, D.C.: June 26, 2006).
[13] GAO, Defense Trade: Enhancements to the Implementation of Exon-
Florio Could Strengthen the Law's Effectiveness, GAO-05-686
(Washington, D.C.: Sept. 28, 2005).
[14] GAO, Defense Acquisitions: DOD Needs to Better Support Program
Managers' Implementation of Anti-Tamper Protection, GAO-04-302
(Washington, D.C.: Mar. 31, 2004).
[15] GAO, Defense Trade: Arms Export Control System in the Post-9/11
Environment, GAO-05-234 (Washington, D.C.: Feb. 16, 2005); and Defense
Trade: Arms Export Control Vulnerabilities and Inefficiencies in the
Post-9/11 Security Environment, GAO-05-468R (Washington, D.C.: Apr. 7,
2005).
[16] This covers license applications processed between October 1,
2001, and April 30, 2004.
[17] GAO, Export Controls: Improvements to Commerce's Dual-Use System
Needed to Ensure Protection of U.S. Interests in the Post-9/11
Environment, GAO-06-638 (Washington, D.C.: June 26, 2006).
[18] GAO, Defense Trade: Arms Export Control Vulnerabilities and
Inefficiencies in the Post-9/11 Security Environment, GAO-05-468R
(Washington, D.C.: Apr. 7, 2005).
[19] GAO, Industrial Security: DOD Cannot Ensure Its Oversight of
Contractors under Foreign Influence Is Sufficient, GAO-05-681
(Washington, D.C.: July 15, 2005).
[20] The Export Administration Act is not permanent legislation. When
the authority granted under the act lapsed in 2001, the controls
established under the act and the implementing regulations were
continued under Executive Order 13222, which was issued under the
authority provided by the International Emergency Economic Powers Act.
[21] GAO, 21st Century Challenges: Reexamining the Base of the Federal
Government, GAO-05-325SP (Washington, D.C.: February 2005).
[22] GAO, Overseeing the U.S. Food Supply: Steps Should Be Taken to
Reduce Overlapping Inspections and Related Activities, GAO-05-549T
(Washington, D.C.: May 17, 2004).
[23] GAO, Oversight of Food Safety Activities: Federal Agencies Should
Pursue Opportunities to Reduce Overlap and Better Leverage Resources,
GAO-05-213 (Washington, D.C.: Mar. 30, 2005).
[24] GAO, Food Safety: USDA and FDA Need to Better Ensure Prompt and
Complete Recalls of Potentially Unsafe Food, GAO-05-51 (Washington,
D.C.: Oct. 6, 2004).
[25] GAO, Homeland Security: Much Is Being Done to Protect Agriculture
from a Terrorist Attack, but Important Challenges Remain, GAO-05-214
(Washington, D.C.: Mar. 8, 2005).
[26] GAO, Food Safety: Federal Oversight of Seafood Does Not
Sufficiently Protect Consumers, GAO-01-204 (Washington, D.C.: Jan. 31,
2001).
[27] GAO, Food Safety: FDA's Imported Seafood Safety Program Shows Some
Progress, but Further Improvements Are Needed, GAO-04-246 (Washington,
D.C.: Jan. 30, 2004).
[28] GAO, Overseeing the U.S. Food Supply: Steps Should Be Taken to
Reduce Overlapping Inspections and Related Activities, GAO-05-549T
(Washington, D.C.: May 17, 2005).
[29] Institute of Medicine, Ensuring Safe Food from Production to
Consumption, Washington, D.C.: National Academy Press, 1998.
[30] GAO, Food Safety and Security: Fundamental Changes Needed to
Ensure Safe Food, GAO-02-47T (Washington, D.C.: Oct. 10, 2001).
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site (www.gao.gov). Each weekday, GAO posts
newly released reports, testimony, and correspondence on its Web site.
To have GAO e-mail you a list of newly posted products every afternoon,
go to www.gao.gov and select "Subscribe to Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office 441 G Street NW, Room LM
Washington, D.C. 20548:
To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202)
512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Gloria Jarmon, Managing Director, JarmonG@gao.gov (202) 512-4400 U.S.
Government Accountability Office, 441 G Street NW, Room 7125
Washington, D.C. 20548:
Public Affairs:
Paul Anderson, Managing Director, AndersonP1@gao.gov (202) 512-4800
U.S. Government Accountability Office, 441 G Street NW, Room 7149
Washington, D.C. 20548: